SSO, yet another way of Google bullying users into using Chrome
My work requires me to do things on the Google Cloud Platform. So this morning I made some coffee, booted my computer and started thinking about the things I wanted accomplish there today. First step: log into the Google Cloud Console. I let my password manager fill in the details and...
Hi, good morning! We know you just entered your login credentials, with the secret password only you know, but we still want to verify that it is really you.
Oh, OK. Not sure why this is necessary. I have been using this account daily for the last few weeks. I am using the same browser, on the same computer, on the same network, as I always do. You definitely know it. It is the very same browser I used to create this account in the first place.
Is it? Oh, well, that's all fine and dandy, but we need you to provide your phone number, so we can send you a text message.
What? Isn't there another way? No hard feelings, but I don't like to give that information to a company whose core business is surveillance adtech. Can't you just send an email to my corporate account with a link? You know, the email address of the account?
No, we must really have your phone number. It is the only way we can be sure.
But... If you don't have my phone number already, how could you ever use it to verify it is me?
Never mind that. Just give it to me.
I don't want to.
Well, tough luck. I guess you'll have to take the day off then. Maybe I'll let you in tomorrow. Probably not though.
How do I explain this to my boss?
Did you thank us even once for all we have done for you?
So I took some more coffee...
...closed Firefox, the browser I use daily...
...opened Chrome, the browser I use only once in every six months...
...and got in on the first try.