Skip to main content

The New Google Login, And Using Public / Shared Computers

I've written a few times about protecting your Blogger / Google account, when you use public / shared computers.

Generally, any concern about use of public / shared computers discusses cookies, which are simply invisible traces that you might leave behind when using any computer. If you only use your own computer - and never share your computer - this issue is probably of no concern to you.

If you use a computer that someone else, who you know, also uses, cookies are a small concern. If you use a computer that other people, who you don't know, also use - as in a public computer in a coffee shop or library - this should be a larger concern.

If you look at the Google login screen, you'll see a common option, on many login screens.
Stay signed in.
If you hover the mouse over the option, you'll see a small popup.
For your convenience, keep this checked. On shared devices, additional precautions are recommended. Learn more.
Clicking on "learn more", you get to read Securely signing in to Google.

The Google Help article mentions cookies as a significant risk to you, when using a public computer ("Devices used by lots of people").
Public computers, if well-maintained, automatically clear a user’s web history and cookies. If you’re unsure, we recommend that you use the private browsing feature of the browser. If private browsing isn’t available, clear the browser’s history, cache, and cookies before and after you use the device.
With a shared computer ("Devices shared with a few people"), the risk is less alarming.
If you only plan to use the device briefly, such as when visiting a friend or relative, we suggest using private browsing.

If you plan to use the device often (say, for example, it’s your family computer), then we suggest creating a user profile either in the operating system or in the browser so you can keep your information private from other users. We recommend you leave the "Stay signed in" checkbox selected to take advantage of Account Chooser and longer sessions. Learn how to add user profiles on an Android device or in Chrome.
And the final note.
If none of these security options are available to you, we strongly suggest you do not sign in to your Google Account. If you do sign in, we recommend deselecting the "Stay signed in" checkbox in case you forget to sign out.

I've discussed clearing cache, cookies, and sessions, in a few articles - and in more than a few forum discussions. In many cases, before the new Google Login (2014) was developed, cookies were moderately significant. Cookies, along with cache and sessions, are normal bits of data, which a knowleagable hacker might find hidden away, on a computer.

With the new Google login display, cookies are a more significant concern. Look at a typical Account Chooser login screen might look like, on a computer shared by a number of people who use Google products.

Would you want any later user of your computer, checking out Account Chooser, and finding your email address in plain view?


If you, personally, only use one Google account, and never use a public or shared computer, you may never see the Account Chooser login screen. If you do see Account Chooser, in its native state (un erased), you will see the account name ("Display Name" in Blogger) and email address of each Google account owner who has used the computer, since cookies were last cleared. Note that the screen print, shown here, has display name and email address, for each of the 5 previous users, erased.

With the Google login display (2014), and Account Chooser, we have gone from account vulnerability to any knowleagable hacker, to account vulnerability to anybody who cares to click on "Use a different account".

Obviously, when using a public computer - and probably a shared computer - you would not want to ever select "Stay signed in". Also, if you ever have to use a public computer, I would always use 2-Step Verification.

>> Top

Comments

D7ana said…
Thanks for sharing this information. I use public library computers occasionally to enter blog posts and/or email. Learning that my information might remain on that computer after I log off, well, I will be more attention to my signing out.

Popular posts from this blog

Custom Domain Migration - Managing The Traffic

Your blog depends upon traffic for its success.

Anything that affects the traffic to your blog, such as any change in the URL, affects the success of your blog. Publishing the blog to a custom domain, like renaming the blog, will affect traffic to your blog. The effects of the change will vary from blog to blog, because of the different traffic to every different blog.Followers. People who find your blog because of recommendations by other people.Search engines. Robotic processes which methodically surf your blog, and provide dynamic indexing to people who search for information.Subscribers. People who read your content from their newsfeed reader, such as the dashboard Reading List.Viewers. People who read your content from their browser.No two blogs are the same - and no two blogs will have the same combinations of traffic sources.

Stats Components Are Significant, In Their Own Context

One popular Stats related accessory, which displays pageview information to the public, is the "Popular Posts" gadget.

Popular Posts identifies from 1 to 10 of the most popular posts in the blog, by comparing Stats pageview counts. Optional parts of the display of each post are a snippet of text, and an ever popular thumbnail photo.

Like many Stats features, blog owners have found imaginative uses for "Popular Posts" - and overlook the limitations of the gadget. Both the dynamic nature of Stats, and the timing of the various pageview count recalculations, create confusion, when Popular Posts is examined.