Google is forcefully signing users into Chrome

toggle-button

Google logo

The newest versions of Google's Chrome browser forcibly logs you in to Chrome. Logging into a Google service now automatically signs you in to Chrome.

Update (Sept. 26, 2018): Google announced they are "adding a control that allows users to turn off linking web-based sign-in with browser-based sign-in—that way users have more control over their experience. For users that disable this feature, signing into a Google website will not sign them into Chrome".
This feature will be available in the next release of Chrome (Version 70, released mid-October).

Note: I just downloaded and installed the beta version of Chrome 70 (70.0.3538.22).
I signed into Google using the profile icon. The good thing is that I wasn't logged Chrome browser automatically.
Logging in with the profile icon automatically turns on Sync. Logging into Gmail didn't log me in to Chrome and didn't turn on Sync.

When you log into a Google account or Google service, you are now logged into Chrome, whether you want to be or not.
Previous to the release of Chrome 69 (version 70 is the current release), logging into Gmail (or other Google service) and logging into Chrome were two different things. You could visit Gmail, YouTube or other Google services without being logged into Chrome. With the new version, when you sign into a Google service such as Gmail, you are also automatically signed into Chrome using that account.

The difference between being logged into Chrome browser and a Google service like Gmail is that logging into Chrome allows users to sync information like browsing history, tabs, bookmarks and passwords between devices - Google uploads and stores the data so it can be accessed from any device. Sync requires an additional step to be activated - being automatically logged in to the browser doesn't activate the sync feature.

One of the issues here is that if a user doesn't know that logging out of a Google service like Gmail no longer logs you out of Chrome, there's nothing to stop users from accidentally using someone else's account on a shared computer. If you log out of Gmail or other service, the next person to use the computer could have access to data stored in the browser. The only indicator that you're signed in to Chrome is a profile icon to the right of the address bar.
If you use Chrome and Google services all the time this may not be of any concern, and you're probably not going to be looking for alternatives.

If you want to use Chrome and not be logged in automatically when you sign in to any Google account or service, there are a few options:

Disable the Auto Sign-in Feature in Google Chrome
You can disable the auto sign in by going to chrome://flags/#account-consistency in the address bar and and disabling Identity consistency between browser and cookie jar flag using the drop down menu to the right.
Google regularly changes flag options, so the option could be removed at any time.

Use Ungoogled Chromium
Ungoogled Chromium is an open source version of Google Chrome that has most of Google's services stripped away. Chrome Web Store extensions don't install on Ungoogled Chromium. If you use extensions you might want to pass. The project page on GitHub is here, download links for Linux, Mac, and Windows (32 and 64 bit) are here.

Use a different browser:

Firefox
I like Firefox, but I've been using it since it was in beta, many years ago. The newest version, Quantum, gets high marks for speed. Firefox is highly customizable. Chrome and Firefox share many of the same popular add-ons. There are often viable alternatives in Firefox add-ons, and if you can't live without a particular Chrome extension, here are directions to install Google Chrome extensions in Firefox.

Opera
Opera has been around many years and is a popular choice. Revamped to run on the same base as Chrome, it's snappy and easy to use. Opera has a built in ad blocker, and a VPN that can be turned off and on in the address bar. There are many extensions available at the Opera extensions site, but if you have favorite Chrome extension here's how install Chrome extensions on Opera.

Vivaldi
Vivaldi is the creation of one of the former members of the Opera team. It runs on the same engine as Chrome, and as far as I can tell, all Chrome Web Store extensions work on Vivaldi. In addition to Firefox and Opera, I have Vivaldi open and in use all the time. You may want to take a few minutes to change the interface and some options when you first fire it up. It was slow in its early releases but it's on par with Firefox, Chrome and Opera on my system now. Vivaldi is in active development and has been improving since it was introduced.

Run an earlier version of Chrome:
You can run an earlier version of Chrome, but security becomes an issue with older versions. You can download older versions here. Forced log in to Chrome began with version 69.

If these don't work for you, here's a recently updated list of browsers. Many are popular in other parts of the world and are in other languages. Some are fairly new, and some have been around for some time. 

 

You can find more Tech Treats here.

 

 

Please rate this article: 

Your rating: None
4.48276
Average: 4.5 (29 votes)
toggle-button

Comments

Thanks Rhiannon for all your work informing us about how to avoid being spied upon.
One of the most worrying aspects of computing for some, has always been how Google wants to review everyones internet browsing, and push targeted advertisements. The extension of this, as we all know now, is brainwashing by the pushing of distorted news items and political influencing.

Anyway, many do use Google for their searches, yet there is hopefully an option of not signing in to a Google account
The search results in Google, are often better than those of DuckDuckGo (which doesnt spy)
Wonder if Google still spies on users without a Google account, through their IP address. Probably.

Please continue to advise us how to avoid being spied upon.
To everyone. NEVER use an internet browser that forces you to log onto it to use
Such privacy breaching behaviour is UNACCEPTABLE in 2018

We are now in the era of cyber crine and identity theft. How can large IT companies be so blase with our privacy, its just staggering

First off I would mention that don't block ads on many sites. For so many smaller sites (Gizmo's, ghacks, and many others) ad revenue is the only revenue coming in. With so many people blocking ads, ad revenue has fallen sharply and it's becoming difficult for us and other small sites to stay up and running. I also click on ads on the sites I don't block to increase any ad traffic for them. I have no problem blocking ads on most larger sites that are animated, intrusive and eat up bandwidth.
(see this article in the Opera blog: Ads eat more than half of the page loading time)

There are ways to minimize your footprint when using Google search (small coincidence that today is Google's 20th birthday). You can search Google using an incognito window (menu > new incognito window) to prevent most tracking. You can use Searchonymous, not only will it allow you to search anonymously if you have a Google account and are logged in but it hides most, but not all ads. It's available as an add-on for Firefox and Chrome and works on all the browsers I use. uBlock Origin also blocks ads on Google search.

One clarification I would make - anyone can use Google Chrome normally. It's only when you log in to a Google service like Gmail that you're forcefully logged in to Chrome. That's been fixed in the beta vesion of Chrome 70. The final version is due out mid-October. They are also fixing the auth cookies not deleting issue. The auth cookie issue hasn't been fixed in the beta version I'm using. I'm glad that's being fixed because it was driving me nuts having to remove the Google account from Chrome and then delete cookies with all the logging in and out I've been doing while testing this.

I'm troubled that Google added these items to Chrome without notification for users and a way to opt out.

To give them credit, they are rolling these things back as a result of user outrage.
I was surprised they responded (and quickly!), saying they would remove these two things from Chrome, and announcing a new version with a time frame for the release. That's something I don't remember them doing in the past.

This kind of activity is one reason I stick with Mozilla Firefox. They've always been focused on user privacy. :-)

I have a Gmail account that is just a "stub" - with a crazy Userid name, - has all the history and settings changed to save nothing.

It has ZERO emails or contacts and use it on my Android phone too.

On my PCs I have a "host file" that traps out all the Google BS and all Chrome services turned off.

So spy away Google - LOL

The hosts file is a great tool. I have my Google account as locked down as I can in account settings, everything is on pause. I don't sync data between devices so there's no reason for my for any services to be on.

Wow! If you use Chrome and didn't notice your profile icon to the right of the address bar before, you better wake up and notice it now! I clicked on my profile icon and the second thing that is listed is "Passwords". When you click on "Passwords", you get a list of web sites to which Chrome has stored the password and the username. You can then click on the icon to the right to display any password and username that you have used and allowed Chrome to save for you. How convenient! So if you use Chrome at work and step away from your desk without locking your computer, Chrome allows anyone to very easily open the vault to the most important data on your computer! Sheer lunacy if you ask me! Next thing you know is that Google will be emailing your list of passwords and usernames to anyone that has ever sent you an email!

If you forget any password that Chrome has saved, you can access it by entering this: chrome://settings/passwords.

By the way, the second thing on the list is "Payment Methods". If you want to, you can store all of your credit card info online as well, available to anyone who passes by your computer with a few clicks. Sorry, but I will pass on that feature!

Just my 2 cents!

It's quite a change. The profile icon next to address bar is the only way to know you've been logged into Chrome. I also prefer not to have payment data stored online.
I downloaded and installed the newest portable Chrome today, version 69. The portable version also logs you into Chrome. ¯\_(ツ)_/¯

I don't use anything Google.
Firefox, Startpage and Outlook Mail serves me well.

It's always a choice about what to use. Find out what's comfortable for you and go with that. I think it's good practice to be aware of what kind of data is being collected and what's being done with it when using platforms like Google services or Facebook, to name two.

I use a few Google products, though I'm circumspect in how I use them, keeping in mind that most free services collect personal data in exchange for their use. For me, it's a matter of what I'm willing to trade in exchange for using the service, and how can I minimize what data is available to collect. Other people are comfortable not thinking about these things, don't want to know, or both - and that's fine.

I like DuckDuckGo as a search engine, and I use a fork of Thunderbird (paid software) for email. The bulk of my email comes through domains that I own.

"The bulk of my email comes through domains that I own"

Sounds great, but is your domains email presented well in your browser, with all the search options etc available with Gmail and Hotmail ?
And can you use Outlook for your own domain's email ?

Yes, Outlook handles email from domains - it supports IMAP.

I can get all email through any email client that supports IMAP - whether it runs on Windows (or another operating system) like Outlook, Thunderbird, Mailbird, eM Client, Postbox etc. or any browser based email service that supports adding IMAP accounts like Outlook.com, Gmail, etc.

Most of my email is accessed from my desktop or laptop, not in a web browser. I use the Gmail web version on rare occasions, otherwise Gmail comes in through Thunderbird or Postbox. For me, email programs that run on Windows offer many more features and more flexibility than a web based email service. 

I use Thunderbird and Postbox on my laptop and desktop - the email syncs in both programs when I open it so all email is present in both programs. If I delete an email or send a reply, it shows up in both programs since the email stays on a server. The changes are made to the email on the server, and will show up anytime I check email in any email program or web based email.
For Android, I have domain email and Gmail set up to come through Blue Mail. It has a decent search feature and will search any mail on the server, but display options are limited compared to stand alone client.

Basically, I don't want a third party corporation or service handling my email.   ¯\_(ツ)_/¯

I use several browsers but not Chrome. I don't care for google spyware. But to take this one step further I recently tried Comodo Dragon which forces one to open a new gmail acct. and also while doing updates, which destroys anything you've added to the browser and also shoves Comodo Cloud Anti-virus down one's throat. Just uninstalled them this morning after an 'update'.

I had issues with Comodo Dragon as well. I use Chrome portable and a handful of other browsers, with Firefox being my favorite.

I have never been a fan of Chrome. Never used it on my computer or phone (although it comes pre-installed). Don't like such intrusiveness.

I haven't been a Chrome fan either (I'm a Firefox fan girl from waaaaay back). I use it so I can make sure anything I write up here runs or looks ok in Chrome. I use the portable version.

LOL, same here, Firefox fan since long.

I copied and pasted the link given above into a new browser window and it doesn't go anywhere. It just looks like it is trying to go there, but nothing happens. I don't even get a timed out message or anything.

Which link are you referring to?

I use IRON ! It's Chrome without the spyware.
Nearly all of the extensions and browser add ons work fine.
https://www.srware.net/en/software_srware_iron.php