A new project in progress on the Chromium team's code review site suggests that it will soon be possible to log in to Windows 10 using the information from his Google Account. This new feature should rely on a "Google Credential Provider" to allow Windows to authenticate users through their G Suite corporate account or standard Google account.

According to Microsoft's documentation: "Credential Providers are the main authentication mechanism for users. They are currently the only way for users to prove their identity, which is required for login and other system authentication scenarios. "

Thus, by providing the user with a means of entering his identification information via an authentication system (login / password, Windows Hello, a confidential code, a smart card, etc.), Credential Providers allow the secure opening of a Windows session.

In this case, Google's Credential Providers appears to allow users to sign in using Google Accounts and ID Administration (GAIA) credentials created by G Suite administrators. GAIA is an authentication and authorization system developed by Google that allows users to access various Google services.

Entitled "Google Credential Provider for Windows", this project developed on the Chromium side by Roger Tawa should be deployed through the gcp_installer.exe installer which includes the files: gcp_setup.exe, startchromeonfirstlogin.cmd, gcp_eventlog_provider.dll and gaia1_0.dll. When gcp_installer.exe is started, it registers the Google Credential Provider DLL (gaia1_0.dll) in the registry key.

The installer also configures the automatic launch of Chrome when the user logs in for the first time by adding a link to the startchromeonfirstlogin.cmd file in the user's startup folder. It seems, in fact, that Chrome is required for the authentication process, without really knowing why at this stage.

At the next reboot, the provider should now be available as an additional login option. When a user logs in with their GAIA ID, the Credential Provider authenticates the user using Google's OAuth 2.0 API. If the credentials are correct, the user will be automatically redirected to their profile.

The addition of this feature should allow the Mountain View firm to further penetrate the enterprise market by integrating Windows 10 directly into their G Suite platform.

Leave a Reply