How to Enable HTTPS in Gmail and Google Mail
Posted: October 9, 2009
Difficulty: Very Low
Requirements: Gmail / Google Mail
By: FilePulse Staff
Here is a quick and easy way to make your Google Mail a little more secure. It won't stop anyone who has guessed or stolen your password, but it will help prevent people from reading your e-mail and hijacking any other online accounts (such as bank accounts) that you may have when you use a public non-encrypted internet connection.
Notice when you log into your bank account all the pages are encrypted (as indicated by the yellow padlock symbol)?
By default, your Google Mail password is sent to Google encrypted when you log-in, but after you've fully logged in, the Google Mail page is not encrypted. This is fine if you're sitting at home using your own desktop computer or laptop, because you own your own network equipment (the cable/DSL modem, the router, etc) so you won't be snooping your own network traffic, right?
Well, what about when you take your laptop and connect to a public wireless network at your hotel or at a coffee shop or use a public desktop computer? How do you know the owner of the network isn't sniffing and saving your network traffic which could contain your Google e-mail messages? Those messages could contain passwords to other sites you use or other personal information.
Are we saying that your hotel or coffee shop are trying to steal from you? NO! But how do you know that the admin who manages the network to said hotel or coffee place isn't desperate and hasn't just woke up one day and decided to ruin his clean background by stealing from others? Here is how to make it less likely for anyone to see your sensitive data:
At the top right of your Google Mail page, click "Settings". Look down until you see "Browser Connection" and set that to "Always use https". Click "Save Changes" and reload Gmail.
Your Google Mail pages are now encrypted like your bank web site. Since the pages are encrypted, Gmail might load a little slower, but it is barely noticeable on most high-speed broadband connections. And it is worth it if you keep sensitive data in your Gmail account.
A small amount of people may see error messages when they enable this feature. Don't worry, your e-mail is safe. Simply turn this feature off if that is the case (you may need to log out first and then log in again). If you use Gmail Notifier, you will need to download this patch in the yellow box. If you don't have Gmail Notifier installed, don't worry about the patch.
Note: Please don't let this feature give you a false sense of security. Remember to always keep your passwords safe as people can still read your messages if they know your password. Also you will still need to log out of your Gmail when using public computers or if someone you can't fully trust will be using your computer after you are done with it.
References: Default https access for Gmail