161

I've recently begun seeing common pop-ups on sites on which I do not have an account.

The pop-ups prompt me with my real name and Google sign-in email, which is being provided either by being signed in to Google/Gmail or being signed in to the desktop Chrome browser.

Sign in to example.com with Google

Your Name
[email protected]

CONTINUE AS NAME

To create your account, Google will share your name, email address, and profile picture with example.com. By continuing, you agree to example.com's privacy policy and terms of service.

The functionality providing this seems to be variously called: "Google FedCM APIs, One Tap prompt.

One-tap sign-up and automatic sign-in

when I follow a link to Medium.com.

It is also being added to other random websites across the internet:

Large websites using this sign-in method include:

  • Sign in to medium.com with Google
  • Sign in to nytimes.com with Google
  • Sign in to eBay with Google
  • Sign in to Quora with Google
  • Sign in to trulia.com with Google
  • Sign in to Tripadvisor with Google
  • Use Pinterest with Google
  • Use hipmunk.com with Google
  • Create a wayfair.com account with Google
  • Use your Google Account to sign in to Reddit
  • Use your Google Account to sign in to Medium
  • Vimeo - Log in with Google

I don't object in principle to using my Google account to sign up for a service, but I do not want these pop-ups obscuring the site contents on page load.

This pop-up feels like a "notification" from Chrome, prompting me to use my signed-in Chrome account. It appears to be something I should be able to disable, like Chrome notifications, in my local copy of my web browser software.

Or, if not a Chrome browser notification, it also feels like something I should be able to disable from my Google account settings.

How do I disable these pop-ups and ensure they are not shown on any website? Settings-type changes preferred over content blockers, if possible.

Improve this question
7
  • 9
    It’s not Chrome, that much is certain. They’re actually part of the website. Commented Mar 18, 2019 at 5:40
  • 8
    These YOLO login prompts are also vulnerable to clickjacking exploits. Commented Oct 24, 2019 at 9:04
  • 1
    support.google.com/accounts/thread/13860490 Commented Aug 10, 2020 at 21:18
  • 3
    The comments above provided some useful background information, but I am curious, what do websites see if you don't click sign in with Google? Does the website know I have a Google account and what my name is even if I don't sign in? Commented Sep 29, 2020 at 17:20
  • 5
    @jrh Great question, also wondering this, if anyone knows Commented Aug 2, 2021 at 4:31

10 Answers 10

Reset to default
172

You can disable these prompts from your Google account's Third-party apps & services settings page:

https://myaccount.google.com/connections/settings

Or go into your Google Account Settings and to the Security Tab. Here you will find a section "Your connections to third-party apps & services". Click "See all connections", and then click the gear icon button to go to settings.

Google Account sign-in prompts

Allow Google to offer a faster way to sign in with your Google Account on supported third-party sites

Toggle off "Google Account sign-in prompts" to disable these prompts across the web. You need to be signed in to your Google account while visiting websites for this setting to work.

Click refresh to make sure the new setting has stuck.

Improve this answer
17
  • 8
    Thank you! This has been annoying me for so long. I just tested, and I no longer get pop-ups on medium.com, so it seems to work :) Take my up vote Commented May 14, 2020 at 11:07
  • 4
    +1 This solution worked for me on all sites, including eBay and Medium. Was able to slide the blue google settings slider off and on, then refresh the offending website for immediate results. Commented Jul 5, 2020 at 16:28
  • 19
    Just fyi, this option appears to be completely useless for some users like myself as of 2 months ago, it does absolutely nothing now, it keeps prompting for every single visit on every single website that has this embedded and no amount of closing it will "pause" it on the next visit. Only thing that works is to block it with uBlock, for example. Commented Nov 10, 2022 at 18:32
  • 10
    Having to constantly being logged in to a Google account in order to prevent the popups are not a viable solution to the problem. Commented Jan 30, 2023 at 10:37
  • 4
    @Shadow same here. Keep getting this despite disabling the sign-in prompt on all 3 of my Google accounts. Just started happening in the last ~2 months or so. Commented Jan 30, 2023 at 16:29
33

In your Adblocker, block all content from smartlock.google.com. That will be the end of these popups.

This popup is provided by a Google service website owners can select to integrate on their websites.

Improve this answer
7
  • @pkamb, it also occurs in other browsers (apparently for Google whitelisted domains only, to mitigate click-jacking) so you'll probably not find a browser setting. Commented Oct 23, 2019 at 21:11
  • 8
    smartlock.google.com is not enough to block it. You also have to block accounts.google.com. But, once you block accounts.google.com then none of google works. To be clear, some sites use smartlock.google.com, other sites use accounts.google.com Commented Oct 23, 2019 at 21:49
  • 19
    As of 2020, the following uBlock Origin expression blocks that: accounts.google.com/gsi/iframe/$subdocument Commented Aug 9, 2020 at 10:31
  • 2
    @gresolio Please make this an answer. It is the only real solution to the problem described by the OP IMO Commented Jan 30, 2023 at 10:35
  • 2
    This didn't work for me, but this did (using Ublock filter): superuser.com/a/1773215/142948 Commented Mar 23, 2023 at 11:11
15

This has worked for me.

Add this line to your AdBlock Chrome extension under custom options:

accounts.google.com/gsi/*

Improve this answer
4
  • 2
    This is the real answer, when you don't even have a google account or you're not signed into google at all, or browsing anonymously, etc. +1! Commented May 10, 2024 at 12:46
  • 2
    This is the only fixing answer! Commented Apr 6 at 8:25
  • 1
    This works because it matches the src value of the iFrame that's loading the Google One Tap Login popup. If you're technically inclined, you can see the iFrame and its src value by inspecting the popup element. Commented May 15 at 19:10
  • 1
    I did this in Firefox using the uBlock Origin extension as suggested in the duplicate superuser.com/questions/1773208/… and in zylstra's answer here Commented Oct 4 at 17:47
12

I started seeing pop-ups consistent with the appearance of the Google One-tap sign-in, but they extend beyond the browser window.

Learn about third-party sign-in

Third-party sign-in is a type of federated sign-in that allows you to log in with an identity service, instead of creating unique login credentials for each individual website you visit. If you allow third-party sign-in prompts, then as you browse the web, you may receive dialogs that ask if you want to sign in with an identity service.

You can sign into websites with Chrome through an identity service of your choice. An identity service stores and manages your sign-in information and identity across the web per your permission.

Attempts to follow the myriad suggestions online to disable this in your Google account settings did nothing. But I finally found a Chrome setting for Third-party sign-in:

chrome://settings/content/federatedIdentityApi

Third-party sign-in

Lets you sign in to websites using the account you have with an identity service

Default behavior — Sites automatically follow this setting when you visit them

  • Sites can show sign-in prompts from identity services
  • Block sign-in prompts from identity services

Selecting "Block sign-in prompts from identity services" here seems to suppress the new version of this pop-up.

Improve this answer
6
  • Have a picture? Commented Apr 20, 2024 at 17:53
  • 4
    Wow, are they serious? You can't even navigate to that "Third-party sign-in" page except by knowing the direct URL. Not even the search function in Settings will display it. Commented Apr 28, 2024 at 8:07
  • I still cannot find it in Settings by myself, thank you so much for that chrome link. This answer should be on top! Commented Jun 13, 2024 at 5:44
  • I'd like to see a screenshot of what this looks like in the browser/website when one of these pops up. Commented Jun 14, 2024 at 2:03
  • This page is technically accessible in the settings UI, but it's really buried! See superuser.com/a/1844674/71922 Commented Dec 4, 2024 at 5:05
5

Install the uBlock Origin Firefox extension, then:

  1. Click the extension icon on the address bar,
  2. Click the gears icon (near the bottom),
  3. Click "My Filters" tab,
  4. Paste into the box, on a new line: accounts.google.com/gsi/*,
  5. Click "✔ Apply Changes".
Improve this answer
2

Daniel's answer works on medium.com* (and probably others) but not in pinterest. That site keeps nagging you on every visit, and uses pop-up elements containing multiple 'random' ID strings (so you can't just filter on these). The substring to filter on for blocking the popup with AdBlock Plus seems to be:

&origin=https%3A%2F%2Fnl.pinterest.com

* Note that medium.com prompts you only once anyway; your (non-)response is kept in a cookie.

Improve this answer
2

uBlock Origin and other options won't work in Safari. Create a file ending with .css extension. Add the following:

/* prevent google one tap login window */
iframe[src^="https://accounts.google.com/gsi/iframe/"] {
  display: none !important;
}

Save the file; then point to it in the Safari -> Settings -> Advanced page's Style sheet: dropdown.

You can get more or less specific with the src value, if desired, but the above should work everywhere.

Edit: The above works on macOS without adding any extensions. To disable this prompt in Safari on iOS, use the free Userscripts app/extension with the my gist on Github for a file that works. (You can skip step 5 and navigate to this gist in step 6 of that post.)

Improve this answer
0

The settings page now tells you that it needs to be adjusted in your browser, for desktop use:

That leads eventually to a help article with these steps:

  1. On your computer, open Chrome.
  2. At the top right, click More Organize and then Settings.
  3. On the left, click Privacy and security and then Site settings.
  4. Under “Content,” click Additional content settings and then Third-party sign-in.
  5. Select the setting you like:
    1. Sites can show sign-in prompts from identity services
    2. Block sign-in prompts from identity services
Improve this answer
3
  • @xionchiamiov this is useless for the more savvy, none-chome users Commented Jun 8, 2024 at 16:52
  • 1
    @theking2 Not useful for people who use browsers other than Chrome, sure. I reject the idea however that the population of Super User is disjoint with the population of Chrome users. That's supported by the fact there are over eleven thousand google-chrome questions on the site - and in fact, this question is one of them! Commented Jun 10, 2024 at 21:29
  • The answer could still be useful for Chrome/Google users. Commented May 15 at 19:12
0

This is a website doing. Not sure why in these days any webmaster might be enticed to foster more Google privacy incursions but here we are.

  1. Install uBlock Origin extention
  2. Right click the popup
  3. Add it to the block list.
Improve this answer
1
  • Yeah, I'm actually shocked at how many websites have added this. I can only think the popup is "click bait": Google must be paying the websites $ for every click they get on these windows, just like they do for clicks on ads. Commented May 15 at 19:14
-1

Understand One Tap User Experience

connected apps page. The opted-out sessions aren't shown in One Tap. If all Google sessions are opted out, One Tap won't display.

They also detail the specifics of when you will see the next One-Tap pop-up after closing one on the same website:

Exponential Cool Down

If a user closes One Tap by tapping the "X" button in the header, for a time period, One Tap won't display for the same website and in the same browser.

The following exponential time periods are used for cool down.

Consecutive Closing Times One Tap will be disabled
1 2 hours
2 1 day
3 1 week
4+ 4 weeks

The cool down status will be reset after a successful One Tap sign-in.

Improve this answer
4
  • 9
    I've been closing these things for months, and they continue show up. This functionality is either broken, or no longer works as described by your answer. Commented Jan 22, 2022 at 9:46
  • This answer is for Android devices only. mac, gnu-linux, windows devices will still show the popup. Commented Jun 15, 2024 at 7:24
  • 1
    Doesn't work if if someone uses Firefox and doesn't have google account… Commented Apr 6 at 8:27
  • Yeah, if you don't have a Google Account at all, or if you have an account but use the site's own login process, the sites won't show in the connected apps page. The "fix" is to use something that edits the website as it loads: uBlock Origin, eg, or in Safari's case, a custom style sheet that says not to display stuff that matches. Commented May 15 at 19:08

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.