Encrypt Gmail Automatically Using Https To Prevent Hacking

Gmail has now set an option to encrypt all the communication between a browser and Google’s Servers by default which can make this email service difficult to hack and much ‘slower’ to load.

If you sign into your Gmail account through an unsecured Internet connection like a non encrypted network then your Google account might be much more vulnerable to hijacking. Before users could encrypt communication between Gmail servers by adding a ‘https’ instead of normal ‘http’ that is https://mail.google.com.The encryption comes through use of HTTPS, a secure version of the HTTP protocol that governs how Web browsers fetch information from servers.We have discussed before about how a user can hijack sessions in almost any cookie-based web application and also provided details on how Graham successfully hacked Gmail,Hotmail and Yahoo Mail.

“We use https to protect your password every time you log into Gmail, but we don’t use https once you’re in your mail unless you ask for it (by visiting https://mail.google.com rather than http://mail.google.com). Why not? Because the downside is that https can make your mail slower. Your computer has to do extra work to decrypt all that data, and encrypted data doesn’t travel across the internet as efficiently as unencrypted data. That’s why we leave the choice up to you.”-Gmail Blog

This doesn’t mean that Google will encrypt all your ‘emails’ like GPG or S/MIME email encryption but will encrypt the browser sessions with Gmail over the secure ‘https’.

Related:Prevent Hackers From Recording Your Keystrokes