Daily cyber threats and internet security news: network security, online safety and latest security alerts
July 26th, 2008

Google Adds User Enabled HTTPS Secure Connections Into GMail

Google has added a new “Browser Connection” feature to GMail that allows users to force e-mail sessions to always use the more secure “https” (Hypertext Transfer Protocol Secure) protocol. HTTPS is a secure protocol that provides authenticated and encrypted communication. For some reason, this option is turned off by default and the user must enable it.

In the Settings tab, at the bottom, GMail users can now select an “Always use https” option for stronger security, especially when connecting via Wi-Fi. This should help reduce exposure to things like sidejacking and cookie theft attacks.

According to Google, if you sign in to GMail via a non-secure Internet connection, like a public wireless or non-encrypted network, your Google account may be more vulnerable to hijacking. Non-secure networks make it easier for someone to impersonate you and gain full access to your Google account, including any sensitive data it may contain like bank statements or online log-in credentials. “Always use https” option in Gmail is recommended for usage any time your network may be non-secure.

GMail users of the Mobile Application might get some errors during secure HTTP connections, according to some reports.

Share this item with others:

More on CyberInsecure:
  • New Tool To Be Released Can Steal Authentication Credentials Through Encrypted Secure Channels
  • Gmail Being Blocked By Some Anti-Spam Vendors
  • New Gmail Phishing Campaign Attempts To Steal Login Credentials
  • Another Google Adwords Phishing
  • Browser Vulnerabilities Expose Users To Man-in-the-middle Attacks On HTTPS

  • If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Google Adds User Enabled HTTPS Secure Connections Into GMail

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.