"When GCPW is installed on a machine, a local Google Accounts and ID Administration (GAIA) account is created, which has elevated privileges. GCPW then adds a credential provider to Windows' Local Security Authority Subsystem Service (LSASS) so that users can log into their Windows machine using their Workspace credentials."
Who else thinks that's insane?