Gotta be careful with that too. If your password manager offers to auto-fill on the base domain - for example, *.google.com, it would be fooled by any phishing site hosted on google sites or google forms.
Wow, that seems like a huge security risk for Google that people can create phishing sites on their auth domain. I don’t think Google Forms allows login forms, but I’m surprised Google Sites would offer hosting on the primary Google domain.