Most of us have way more usernames and passwords than we can remember. Thankfully, our browsers can store these for us, but using single sign-on is even more convenient, as it avoids creating credentials for each and every site we visit. The most popular one around is Google's solution, which lets you use your Gmail username and password to connect to any website that supports it. However, as the solution is widely used, some malicious sites embed login pages which can capture the user's credentials and even their 2FA token. To protect users from such attacks, Google is now blocking sign-in attempts from embedded pages.

Read More