How exactly does Google Account decide my device or location is "familiar"?

It appears to be based on your IP address and browser cookies.

According to a Google FAQ page:

To help make sign-in easier and more personal, you may see a screen with your profile picture and full name when signing in to Google. We’ll only show this information if you are signing in from a location or device you’ve signed in from before, like your home computer.

I tried entering my email into a VM that I've never used to log in to my Google account (but that has the same external IP address) and the Google account page still showed my profile picture.

I don't think it is by an IP's geographical location because multiple IP addresses may point to the same location. I've also used other networks (with different IPs) in close proximity to mine and had my device not be flagged as familiar.

I believe cookies are also used - I used to clear all cookies on browser close, resulting in my device not being marked as familiar in new locations (allowing me to make the observations above). Since I allowed cookies to persist, I noticed that my device was marked as familiar even though I logged in from a different location that I've never used before.

Summary of my observations:

Familiar devices are determined based on:

  1. IP address (but not geographic location).
  2. Browser cookies.

Familiar is a very loosely based word. When companies like Google say familiar they're normally talking about artificial intelligence deciding it is confident enough that it has seen enough patterns to decide that the machine you're using right then is one that they have seen you use before.

Do keep in mind that using Google Chrome for Google is the same as using Microsoft Windows for Microsoft. It's literally their own little Disneyland where they can do basically whatever they want. Because of that, they get access to things that aren't typical browser methods that they're able to get your information from. Sometimes it's a browser signature or sometimes it's your IP address's coordinates.

I don't think they would release this information specifically because it pushes the creepy factor, but in terms of computer science it's a tremendous revolution. I could verify you with patterns such as your movement patterns of the mouse, how your typing patterns look (forget keylogging, the speed of keys typed is enough to be unique), how you scroll through the page, where you like to hover the mouse when you're reading. There are a lot of ways to watch someone that make it so if you combine them all together it really does make you an individual who can be identified in a crowd.

If you go to chrome://flags you'll get a little better of a perspective of the information that is collected within the browser besides just the cookies. In the histograms section, you'll find analytical data towards the satisfaction of the searches that you made and all sorts of other data points that would make a data scientist smile.

Long story short, artificial intelligence and data science have grown far beyond cookies.


I would disagree with the accepted answer here. The two reasons given were IP address and browser cookies but some simple testing will show that the picture is much more complicated than that.

  1. Public IP addresses change all the time; using your laptop at a coffee shop will not trigger a warning as described by the author.
  2. Browser cookies are a bit simplistic for something like Google. Additionally, if you open a private browsing window with any browser, cookies are not transferred. If you try to access Google you will again not trigger this warning.

The real story is much more complicated. Building on what @codykochmann wrote, I would take a look at the Panopticlick tool by the Electronic Frontier Foundation, especially the fingerprinting section. It is likely that a combination of factors is used by Google to figure out who exactly you are and this tool indicates what those might be.

While IP address is likely taken into account during the flagging process, it is only one factor among many that Google would use to track where you're logging in from.
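
The "combination of factors" point made in the answers above can be quantified with the surprisal measure that fingerprinting studies such as Panopticlick report as bits of identifying information. The following is an added example, not part of any answer and not Google's algorithm; the attribute names and the eight-browser population are constructed for illustration.

```python
import math
from collections import Counter

# Constructed sample population: one tuple of attributes per visiting browser.
# Attribute names and values are illustrative assumptions, not measurements.
ATTRS = ("user_agent", "timezone", "screen", "fonts_hash")
POPULATION = [
    ("Chrome/Win", "UTC-5", "1920x1080", "f1"),
    ("Chrome/Win", "UTC-5", "1920x1080", "f2"),
    ("Chrome/Win", "UTC+1", "1366x768", "f1"),
    ("Chrome/Win", "UTC+1", "1920x1080", "f1"),
    ("Firefox/Linux", "UTC-5", "1920x1080", "f3"),
    ("Firefox/Linux", "UTC+1", "1366x768", "f3"),
    ("Safari/Mac", "UTC-5", "1440x900", "f4"),
    ("Safari/Mac", "UTC-5", "1440x900", "f4"),
]

def surprisal_bits(match_count, total):
    """Self-information of a value seen match_count times out of total."""
    return -math.log2(match_count / total)

def per_attribute_bits(browser, population):
    """Bits of identifying information each attribute carries on its own."""
    total = len(population)
    result = {}
    for i, name in enumerate(ATTRS):
        counts = Counter(row[i] for row in population)
        result[name] = surprisal_bits(counts[browser[i]], total)
    return result

def anonymity_set(browser, population, attrs=ATTRS):
    """Number of browsers sharing the same values for the chosen attributes."""
    idx = [ATTRS.index(a) for a in attrs]
    key = tuple(browser[i] for i in idx)
    return sum(1 for row in population if tuple(row[i] for i in idx) == key)

if __name__ == "__main__":
    target = POPULATION[3]  # no single attribute of this browser is unique
    for name, bits in per_attribute_bits(target, POPULATION).items():
        shared = anonymity_set(target, POPULATION, (name,))
        print(f"{name:12s} {bits:.2f} bits, shared with {shared} browsers")
    n = anonymity_set(target, POPULATION)
    print(f"combined     {surprisal_bits(n, len(POPULATION)):.2f} bits, "
          f"anonymity set of {n}")
```

Each attribute of the target browser is shared with at least two others, yet the four together single it out, which is why clearing cookies or changing IP address alone does not necessarily make a device look new.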