Google Authentication in FamilySearch caches credentials for patron? Is this common?
I am currently serving in a FamilySearch Center. While helping a patron who authenticated into FamilySearch using his Google account on a Chrome browser, we found that upon signing out from FamilySearch and re-opening the browser, he was logged back in again.
We found that only after clearing the cache could we clear the browser from automatically logging him back into FamilySearch.
Has anyone else experienced this problem using Google as an authentication method while using Chrome?
Answers
-
@JHGibbons - you may wish to post in the dedicated group
Hope this helps.
1 -
Aine's recommendation is a good one…but the short answer is "yes". To free up the chrome browser you should close down the session before beginning an original session. Would be good to get in the habit of always closing down the chrome session each time a patron leaves, to delete cookies and browsing histories and to preserve confidentiality.
1 -
You may also want to check the "Settings, Autofill and Passwords" to make sure he didn't accept having his information stored there for future use by Google.
0 -
Agree on closing the chrome browser; however, did that and he was still logged in after re-opening the browser and navigating to the FamilySearch website.
And yes, did check the autofill settings.
He is a new young service missionary and no longer uses Google as an authentication method due to the huge security risk.
Thanks for the suggestion to post this question to the other group. Appreciate your help!
2 -
I don't know that this will be adopted as a method, but I have a link/shortcut to Chrome, etc, that always opens up an Incognito page, instead of the normal page.
If I have items where I wish some of the settings to be saved for regular use, I'll log onto the program via a normal session, save bookmarks, etc there, and then use Incognito from that point forward in order to prevent further things from being saved, such as login information.
This method certainly requires work, but in a public setting, such as a FamilySearch facility or library, it can reduce security risk and general confusion regarding other people's login information. IMHO.
0 -
I should clarify what I meant—it's more than just closing the browser. If your center is on Chrome OS Flex, there at the bottom of the screen, right hand side is an orange oval button that says "Leave Session" or "Close". This is the one that dumps the cache when closed.
Windows OS doesn't have this option so the more difficult process of clearing all the caches is needed.
Glad you have such a conscientious service missionary. We have eight that work with us in our center at different times during the week, and they're such a great help! The future is bright, thanks to faith like theirs.
1 -
Service missionaries are indeed the awesome-ist of sauces!
1
