Google making third-party logins more secure
Google is rolling out a new sign-in feature for account holders who use Security Assertion Markup Language (SAML) single sign-on functionality.
This will not impact anyone who signs into Google services directly, or who use G Suite or Cloud Identity as their identity provider.
The new security screen below is also not shown on devices running Chrome OS.
“Starting on May 7, 2018, after signing in on an SAML provider’s website, they’ll be brought to a new screen on accounts.google.com to confirm their identity,” said Google.
“This screen will provide an additional layer of security and help prevent users from unknowingly signing in to an account created and controlled by an attacker.”
The feature will only be shown once per account per device.
The company said the new feature is intended to prevent attackers from tricking a user into clicking a link that would sign them in to a Google Account the attacker controls.
A phishing attack could currently do this via SAML single sign-on.
“To protect Chrome users, we’ve added this extra protection,” said Google.
Now read: Google to shut down Play Music for YouTube Remix — Report
Loading ...