When Chrome says cookies are disabled (even though you didn’t disable them), sign-in pages can fail, MFA screens may loop, and sites may forget you instantly. This is usually caused by a site setting, an extension, or corrupted site data.

Cookie icon blocked by padlock and barrier

Work through the steps below in order—most people don’t need to do all of them.

1. Confirm you’re not in Incognito (and test a normal window)

Incognito can behave differently depending on your settings and extensions (especially if you’ve blocked third-party cookies or allowed only certain sites).

  • Open a regular Chrome window (not Incognito).
  • Try the login again.
  • If it works in a normal window but not Incognito, the issue is likely a privacy/cookie rule or an extension permission specific to Incognito.

2. Check Chrome’s cookie setting (including third-party cookies)

Many sign-ins rely on third-party cookies (for example, identity providers, embedded login widgets, or cross-domain redirects). If they’re blocked, sites may claim “cookies are disabled.”

  • Open Chrome Settings → Privacy and security → Third-party cookies.
  • Temporarily set it to allow third-party cookies, or add an exception for the site you’re trying to log into.
  • Retry the sign-in.

If you don’t want to allow them globally, use site exceptions instead.

3. Allow cookies for that specific site (Site settings)

Even if your global cookie settings are fine, a single site can be blocked.

  • Open the site.
  • Click the icon left of the address bar (lock/tune icon).
  • Open Site settings.
  • Find Cookies (or “Third-party cookies”) and set it to Allow for this site.

Site permission toggles allowing cookies

4. Clear cookies and site data for only that site (not everything)

Corrupted or conflicting cookies can trigger misleading “cookies disabled” messages. Clearing just that site is usually enough and avoids signing you out everywhere.

  • Chrome Settings → Privacy and security → Third-party cookies → See all site data and permissions (wording may vary).
  • Search for the site domain.
  • Delete site data for that domain (and related login domains if you recognize them).
  • Reload and sign in again.

If the site uses a separate identity domain (common with SSO), you may need to clear that domain too.

5. Disable “clear cookies on exit” (or auto-cleaning extensions)

Some privacy tools remove cookies as soon as you close a tab, block storage, or “sanitize” sessions. That can look exactly like cookies being disabled.

  • Check Chrome Settings → Privacy and security for any “clear data when you close” options (if present in your build/policies).
  • Temporarily disable extensions that mention: cookie cleaner, privacy, ad/tracker blocker, script blocker, anti-fingerprint, session manager.
  • Retry the login with extensions off.

After you find the culprit, re-enable extensions one by one and add the site to the extension’s allowlist.

6. Try a new Chrome profile (quick way to rule out profile corruption)

If the problem happens on many sites (not just one), your Chrome profile can be carrying a broken setting, extension state, or damaged storage database.

  • Click your profile icon (top right) → Add new profile.
  • Don’t install any extensions yet.
  • Test the same login in the fresh profile.

Fresh Chrome profile versus cluttered profile tile

If it works in the new profile, you can move over gradually (sign in to sync, then add extensions carefully).

7. Check system date/time and network filtering (VPN, antivirus, Pi-hole)

Less common, but important: if your device time is wrong or your network is filtering identity/cookie endpoints, the sign-in flow can fail and blame cookies.

  • Set your device to automatic date/time.
  • Temporarily disable VPN/proxy and retry.
  • If you use ad-blocking DNS (Pi-hole/NextDNS) or antivirus web filtering, allowlist the site and its identity domains.

If you’re on a work/school network, some sign-in domains may be blocked by policy—testing on a mobile hotspot can confirm it quickly.

Final thoughts

Most “cookies are disabled” errors in Chrome come down to third-party cookie blocking, a site-specific block, or an extension that cleans or restricts storage.

If you tell me the exact site and whether it’s a normal login or SSO (Google/Microsoft/Okta, etc.), I can suggest the most likely domains to allowlist.