This is not necessarily about uniquely tracking users. This is likely about telling automation from manual traffic to login.
Credential stuffing is a large enough problem for account takeover and the cost to a user of losing their gmail account so high that at some point a team has to make tradeoffs about what can and cannot be used to log in.
edit: am Googler, not working on this area. Have background in account takeover/browser fingerprinting.
You say that, but my friend's google drive account is basically locked because of "spam/take over detection" and there's no response from google's customer support. Does google really care about end user here?
Credential stuffing is a large enough problem for account takeover and the cost to a user of losing their gmail account so high that at some point a team has to make tradeoffs about what can and cannot be used to log in.
edit: am Googler, not working on this area. Have background in account takeover/browser fingerprinting.