How To Secure Gmail Connection By Encrypting Session With HTTPS?

Unless your Gmail account only receives newsletters or holds emails that are not really personal or important, you should pay attention to Gmail's security-related announcements and features.

There is an option on the Settings page that lets the user make Gmail use either an HTTP or an HTTPS browser connection:

The options used to secure Gmail connection.

By default, Gmail only applies the HTTPS protocol during the account login session (in fact, that is the Google Account authentication page, which later redirects to the Gmail Inbox). The subsequent connection between you (the browser) and the Gmail server uses the insecure HTTP protocol.

Two methods to always secure Gmail session

You can choose either one of these two methods to completely secure the Gmail connection, from the moment you log in until you log out:

Always use HTTPS

As shown in the screenshot (above), click the Settings link (top-right corner) and open the General tab of the Settings page. Locate the “Browser Connection” section, select “Always use HTTPS” and then remember to click the “Save Changes” button (at the bottom of the page).

The drawbacks of using this method are as follows:
  • For those who use Gmail Notifier, make sure the Gmail Notifier patch is installed. Otherwise, Gmail Notifier will behave unexpectedly when the “Always use https” option is enabled.
  • Both Google Toolbar and the Gmail for mobile application might encounter unexpected errors.

Explicitly tell the web browser to access Gmail over the HTTPS protocol

Regardless of which web browser you’re using, so long as the browser supports the HTTPS protocol, you can manually type the following URL in the address bar and press the ENTER key to force access to Gmail over HTTPS, from the time you log in until you log out:

The advantage of this manual method is that you can decide when to use HTTPS. If you can’t access your Google Account over HTTPS, you could simply access Google web services over the insecure HTTP protocol (if you are willing to bear the risk).

