Google is responding to criticism this week over its recent change to Chrome login behavior. Security experts criticized Google for automatically forcing Chrome users to log into the browser if they signed into Gmail on the web. You typically choose to sign into Chrome itself if you want to sync bookmarks, passwords, and browsing history between devices. While Google claims sync isn’t automatically enabled, the change has been interpreted as a method to trick users into inadvertently sharing more data. Google is now offering more control over the changes.
In a blog post entitled “Product updates based on your feedback,” Chrome product manager Zach Koch explains that Google is responding to the criticisms with some changes in Chrome 70. Google is adding a new control to disable the automatic Chrome sign in. Despite the control, it appears the automatic Chrome sign in (when you sign into Gmail on the web) will still be the default behavior.
Google is also updating its sync UI to make it clearer over whether you’re syncing data like passwords, credit cards, addresses, and browsing history to a Google Account. Chrome 70 will also clear all Google auth cookies when you sign out, instead of keeping these to allow you to stay signed in after cookies are cleared.
You can already disable this new login behavior in Google’s Chrome flags, which is particularly useful if you’re experiencing problems using multiple accounts in Chrome after the Chrome 69 update. If you navigate to “chrome://flags/#account-consistency” in Chrome and disable the setting “Identity consistency between browser and cookie jar” it will remove the automatic Chrome sign in. If you’re happy to wait for Google to finally make this into a setting in the Chrome UI, then Chrome 70 will be available in mid-October.