Gmail - now with https enabled by default

Filed Under: Data loss, Google

Gmail logo
This is good news.

Some 18 months after introducing a way of forcing your browser to use https when accessing the contents of your Gmail account, those nice folks at Google have decided to do the sensible thing and enable it for all users by default.

A post on the official Gmail blog announced the change in policy, which means that next time you log in to your email from an unencrypted airport hotspot, or check your correspondence while you're having your morning Starbucks, that your email remains encrypted as it whizzes between your laptop and Google's servers.

The timing of Google's announcement is interesting though. Could it be sheer coincidence that Google has made this change to the way Gmail works at the very same time that it announced Chinese hackers were breaking into its systems, reportedly in order to access the Gmail accounts of human rights activists?

At the moment we can only speculate, but regardless of the motivation - I'm pleased that Google has made this change as it makes life harder for the bad guys, who might try to snoop.

And anything which makes life harder for the bad guys, is good news for all the rest of us.

Google on enabling https in Gmail

Google is retaining the disable option for anyone who want to turn off https, but hopefully not many people will feel that's necessary.

, , , ,

You might like

About the author

Graham Cluley is an award-winning security blogger, and veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.