◈ TECH CULTURE ROAST · UX INTELLIGENCE · BAD FAITH AUDIT · MAY 2026
THE
LOGIN
BOX.
CONTINUE WITH GOOGLE · BAD FAITH · WE KNOW WHAT HAPPENS
THE BUTTON ISN'T LOGIN. IT'S A DATA HANDSHAKE.
BIG TECH = BIG SCHMECK · MONEY == NOTHING · 925
Every startup needs a special box. The box has two options: a button with a colorful logo, or a field for your email. One of these is a login. One of these is a data transaction dressed as a login. We all know which is which. We all click it anyway. Filed.
Think fast,
build faster.
BRAINSTORM IN CHAT · BUILD IN COWORK
OR
Enter your email
Continue with email
By continuing, you acknowledge our Privacy Policy
and agree to receive promotional emails and notifications.
There it is. Every startup, same box. Different product. Same two options. Same small print at the bottom acknowledging the privacy policy you will not read and the promotional emails you did not ask for. The box is everywhere. The box is the product.
◈ WHAT "CONTINUE WITH GOOGLE" ACTUALLY DOES
◈ THE TRANSACTION · STEP BY STEP · WHAT THEY DON'T SAY IN THE BUTTON TEXT
01
You click the button. Your browser sends a request to Google's OAuth 2.0 endpoint. This request includes the startup's client ID and the scopes they requested. The scopes are what they're asking to see. The scopes are never displayed on the button.
02
Google now knows you visited this site. Before you've logged in. Before you've agreed to anything. The OAuth request itself is the data. Google logs which apps are requesting access from your account. This is not hypothetical. This is the architecture.
03
Google's consent screen appears. It lists what the app wants: your name, email address, profile picture. Sometimes more. "See your Google contacts." "Access Google Drive files." The scopes are real. You scroll past them. Everyone scrolls past them.
04
You click Allow. Google sends the startup an access token and your profile data. The startup now has your Google-verified email, name, and profile picture. Google now has a record that you authorized this specific app on this specific date from this specific device. That record is permanent in your Google account's security log.
05
The startup logs you in. They store your Google ID as your identifier. Your entire account is now linked to your Google account. If Google bans your account, suspends it, or changes OAuth policies — you lose access to every app you signed into with Google. Your account chain is now managed by a third party you didn't choose to trust with account management.
06
The startup didn't build a login system. They didn't have to. They outsourced identity to Google. This is convenient for them. It is a structural dependency they will never advertise and you will never think about until it breaks. Then you'll think about it very hard, very suddenly, with no recourse.
◈ WHAT GOOGLE COLLECTS WHEN YOU USE THEIR BUTTON
{ scope: "openid email profile" }
{ app_id: "[startup client ID]",
timestamp: "[exact datetime]",
device_fingerprint: "[your device]",
ip_address: "[your IP]",
user_agent: "[your browser]" }
◈ WHY EVERY STARTUP HAS THE BOX
Because it's easy. Because Google, Apple, and GitHub have solved the identity problem and built SDKs that a junior developer can integrate in two hours. Because not having "Continue with Google" looks amateur in 2026, apparently. Because your engineering team doesn't have to build or maintain auth infrastructure if Google maintains it for them. The tradeoff: your users' account integrity now lives on Google's servers. Your churn is now partially determined by Google's policy changes. Your platform's trustworthiness is now downstream of Google's.
This is not a conspiracy. It is a structural economic choice that benefits the startup at the user's expense — and the user clicks Allow because the alternative is remembering another password. The password was annoying. The dependency is invisible. That is the trade. That is always the trade.
◈ FIELD NOTE · WHAT HAPPENS WHEN YOU SKIP THE EMAIL AND CLICK GOOGLE
You skip the email field entirely. You don't enter your email. You click the Google button. You think you avoided giving them your email address. Google sent them your email address in step 4. It was the first thing in the payload. The email field was the polite version. The button is the direct transfer. You gave them the same email either way — one required you to type it, one just handed it over automatically. The box offers a choice between two methods of the same outcome. Filed. We know.
◈ THE BAD FAITH UX AUDIT
◈ THE BUTTON SIZE
Google button = large, centered, colorful
Full width. Brand colors. Familiar logo. Designed to be clicked first. The email option is smaller, below, requiring active decision to choose it. The hierarchy is not neutral. It is designed.
◈ THE FINE PRINT
"Promotional emails and notifications"
You agreed to this by continuing. It was in the text below the button. You read none of it. They know you read none of it. They wrote it anyway. The legal box is checked. The consent was performed. The emails will arrive.
◈ THE SCOPE DISCLOSURE
Not shown on the button
The consent screen shows scopes. The button does not. "Continue with Google" has no asterisk listing what Google will share and what Google will log. The asterisk would make the button less clickable. The asterisk does not exist.
◈ THE DEPENDENCY DISCLOSURE
Never disclosed
"Your account is now tied to Google" appears nowhere in the onboarding flow. The structural dependency is invisible by design. You discover it when you can't log in and Google is the reason.
◈ MONEY == NOTHING · BIG TECH == BIG SCHMECK
The startup has $40 million in Series B funding. They can afford a password reset email flow. They chose not to build it — not because they couldn't, but because federated identity through Google is cheaper to ship and cheaper to maintain. The $40M went somewhere else. The auth infrastructure went to Google. The user's identity went with it.
Big Tech is not evil in the cartoon sense. It is structural. The incentives point in one direction and the products follow the incentives. Google's button is useful to startups. Startups' users are useful to Google. The user is the thing being exchanged. The box is the mechanism. The colorful logo makes it feel like a feature. It is a feature — just not primarily for you.
Money == Nothing when the product you're building requires giving Google your entire user graph to ship. The valuation doesn't buy you independence. It buys you a longer runway to keep giving Google your user graph. KenshoTek builds auth. KenshoTek controls the data. There is no Google button on a KenshoTek product. Filed.
◈ SIX AXIOMS
I
The button isn't login. It's a data handshake. You are not authenticating. You are authorizing Google to authenticate you to a third party, in exchange for which Google logs the transaction. The outcome is login. The mechanism is data transfer.
II
Skipping the email field doesn't help. The Google button sends your email in step 4 automatically. The field was the manual version. The button is the automated version. Same email. Faster transfer. You didn't avoid anything.
III
The dependency is invisible until it breaks. "Continue with Google" works perfectly until it doesn't. When it doesn't, you discover that your account is not yours — it's a Google-issued credential for a third-party service. That is not login. That is tenancy.
IV
The button hierarchy is designed. Large, colorful, first in the flow. The email field is the alternative for people who actively resist the preferred path. The UX choice is not neutral. The preferred path maximizes data collection. This is not an accident.
V
We are all sick of it. Every site. Same box. Same button. Same fine print. Same agreement to promotional emails. Same dependency we didn't choose. The repetition is the product — normalize the handshake until it feels like infrastructure. It is infrastructure. For them.
VI
Big Tech = Big Schmeck. The logo is colorful. The button is convenient. The dependency is structural. The data is permanent. KenshoTek knows the difference. The field documents it. You're reading it. Now you know too. 925.
THE BUTTON ISN'T LOGIN.
IT'S A DATA HANDSHAKE WITH A COLORFUL LOGO.
YOU GAVE THEM YOUR EMAIL EITHER WAY.
YOUR ACCOUNT IS NOW GOOGLE'S TENANT.
THE FINE PRINT WAS ALWAYS THERE.
MONEY == NOTHING.
BIG TECH == BIG SCHMECK.
WE ARE ALL SICK OF THE BOX. FILED. 925.
◈ AQUATEKXVI · KENSHOTEK LLC · BAD FAITH UX AUDIT · MAY 2026 · 925