Official Gmail Blog
News, tips and tricks from Google's Gmail team and friends.
Making security easier
July 24, 2008
Posted by Ariel Rideout, Gmail engineer
From the day we launched, Gmail has supported something called
https
. Https keeps your mail encrypted as it travels between your web browser and our servers, so someone sharing your favorite coffee shop's public wifi can't read it. Your bank and credit card websites use this same protocol to protect your financial data. Typically, free webmail services don't support https, but from the beginning we wanted to build a product so solid you could run a company on it -- we developed Gmail by running our own google.com mail on it -- so security is something we took seriously right from the start.
We use https to protect your password every time you log into Gmail, but we don't use https once you're in your mail unless you ask for it (by visiting https://mail.google.com rather than http://mail.google.com). Why not? Because the downside is that https can make your mail slower. Your computer has to do extra work to decrypt all that data, and encrypted data doesn't travel across the internet as efficiently as unencrypted data. That's why we leave the choice up to you.
We care about your security today just as much as we did when we launched, which is why we're constantly working on improvements like the recently launched
last account activity and remote sign out
. Today, we're making it even easier for you to use https to protect your mail every time you access it. We've added an option to Settings to always use https. If you don't regularly log in via unencrypted wireless connections at coffee shops or airports or college dorms, then you might not need this additional layer of security. But if you want to always use https, then this setting makes it super easy. Whenever you forget to type https://mail.google.com, we'll add the https for you. If you already have the https URL bookmarked, using this setting will ensure you access your account via https even when you don't use your bookmark. Any http link to Gmail (for example, the one at the top of Google.com) will be automatically redirected to https.
We're in the process of rolling this feature out to all Gmail and Google Apps users, so check back in your Settings menu if you don't see it right away. In the meantime, you can go directly to
https://mail.google.com
right now if you're nervous about snoops. (Or https://mail.google.com/a/example.com if your Google Apps domain is example.com.) Google Apps Premier Edition admins will also be able to select SSL connections for their users via a new preference in the control panel we'll be rolling out shortly.
P.S. Some products that connect to Gmail, like Google Toolbar, are not yet compatible with https. We're working to identify issues like this and get them fixed, so visit your product's
Help Center
if you encounter problems after enabling this setting. In particular, check out this
Gmail Help Center page
if you use the Gmail mobile app, as you may initially hit an error when you try to use it (we're working on a fix).
Labels
buzz
calendar
Gmail Blog
Google Apps Blog
Google Calendar
googlenew
Inbox
Inbox by Gmail
labs
mobile
Offline
reader
tasks
tip
Archive
2016
Sep
Aug
Apr
Mar
Feb
Jan
2015
Dec
Nov
Oct
Sep
Jul
Jun
May
Apr
Mar
Feb
Jan
2014
Dec
Nov
Oct
Aug
Jul
Apr
Mar
Feb
Jan
2013
Dec
Nov
Oct
Sep
Jul
Jun
May
Apr
Mar
2012
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2011
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2010
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2009
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2008
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2007
Dec
Nov
Oct
Sep
Aug
Jul
Feed
Google
on
Follow @gmail
Follow
Give us feedback in our
Product Forum
.
Get posts via email
Email:
Powered by
Google Groups
Useful Links
About Gmail
Gmail for Mobile
Gmail for Work