Google made a change in Chrome 69 to log a user out of Chrome when they log out of a Google service (e.g. Drive, Mail etc.) in the webpage. When a user logs of a Google service AND the user has actively enabled chrome Sync, then Chrome Sync is paused, and Sync is resumed when they log into a google service with the same google account. This change does not automatically enable Sync when logging in to a Google service if the user has not enabled Sync in the first place. The feature is called “Identity consistency between browser and cookie jar”. This feature has been in place since 2015, but the default was set to OFF. Chrome 69 changed the default to on and like all Chrome Flags, It can be disable by entering chrome://flags/, in the browser omnibox and changing the setting.
Identity consistency between browser and cookie jar
When enabled, the browser manages signing in and out of Google accounts. – Mac, Windows, Linux, Chrome OS, Android
But for most people who have multiple Google accounts, (or share a computer without bothering to create separate OS logins or Chrome user profiles), this is a beneficial safeguard to avoid accidentally syncing data from one account to the wrong account.
There has been some confusion online about how this feature behaves and what notice is provide, so I decided to do a structured test on G Suite for education (it appears to behave the same in consumer GMail but I have not had the time to do a similar set of test)
1.Install Virtualbox, Download Windows 10 developer, download Chrome 69, create a new user in G Suite for Education
2.Upon Initial Run Chrome offers the following Choice
3. If you choose get started it adds the checked items to your start page as links, if you choose No Thanks, it is takes you to the google homepage and offers a tour and recommends a privacy checkup
4.If you click sign in to gmail it takes you to the login
5. User inputs their password
6. User is prompted to save their password (this is always been Chromes default)
7. If this is a NEW G Suite account the user is presented with the G Suite TOS.
8. At this point the user is logged in to their Google account, AND logged into the chrome browser and but they are Not syncing
9. The status of Sync can be confirmed under settings. The button action is to start syncing IF the user clicks the button
10. You can confirm the sync status by going to chrome://sync-internals/, the user is not logged in to sync
Clicking the “types” tab shows no elements syncing
11. If you click Sync as <user> you receive this prompt
12. If you click “OK I got it” Chrome syncs everything
13. If you click settings you can edit which items are synced.
14. Checking chrome://sync-internals/, confirms the user is logged in to sync and the sync is running (green table)
15. If you sign OUT of a goggle property the browser pauses syncing, presumably to avoid the user accidentally syncing activity from a different google account and gives them the option to re-sign in
16. If the user signs in to a google property , it resumes syncing
NOTE: Secondary Profile Behavior
The biggest difference in using this with a secondary profile is the disclosure that is given when you click Sync As