Secure Gmail

Posted on July 25, 2008

If you are concerned about security of your personal information, and you better be, Gmail has rolled out a new option that lets you set the https version as the default.

Go to Settings and near the bottom of the page find and select “always use https“. That means Gmail will automatically redirect to the secure version. Previously you had to type it in the browser with the secure https designation or use a third-party script to work around the default.

Non-secure networks make it easier for someone to gain access to your Gmail account and Google accounts in general, including of course, any sensitive data you may have in there like bank statements or login passwords, etc. for online sites. That means any public or wireless network should be treated as dangerous and the secure mode should be used.

Https is typically used for sites that deal with sensitive data, so you’ll often see it when you have to authenticate at sites like online banks, PayPal, and a lot of shopping sites. The benefit is that the connection is encrypted and nobody could easily capture the sensitive data.

There’s always a caveat, of course. In this case, it’s speed. It takes a lot more to encrypt and unencrypt messages between sender and receiver. It’s up to you to weigh safety vs. speed. If you’re one of those who thinks ID theft happens to somebody else, then by all means leave it open.

If you do wise up and change the setting, be sure to disable any third-party scripts that might have already been redirecting to the secured mode. Of course, if you already feel safe, I guess you weren’t using one of those anyway.

Final note - it seems that not everyone can see this setting available in their account yet. If not, it will be there very soon.