Gmail Making Secure Https Connections a Default [Security]

Gmail has long offered a more secure connection option over Https, and two years ago let users set it themselves as a default. Now Google is making https the default setting for all Gmail accounts, unless you flip it back.

Given their recent security episode in China, and the ever-expanding realm of devices and portals users can get at Gmail from, it’s probably a smart step forward to gently goad users into using a more secure connection standard. Google notes that, although using https creates a slight latency, they believe the trade-off is worth it.

If https presents a problem in your particular IT environment, you can still switch it off in your Settings. Here’s Google’s explanation:

If you’ve previously set your own https preference from Gmail Settings, nothing will change for your account. If you trust the security of your network and don’t want default https turned on for performance reasons, you can turn it off at any time by choosing “Don’t always use https” from the Settings menu. Gmail will still always encrypt the login page to protect your password. Google Apps users whose admins have not already defaulted their entire domains to https will have the same option.

Google also notes that Offline Gmail users who weren’t already using https as a default may see some issues, but they suggest a work-around.

Does a default https present problems for your own Gmail account? Happy to see the security struggle moving a step forward? Tell us your take in the comments.

Default https access for Gmail [Official Gmail Blog]

Leave a Reply

Your email address will not be published. Required fields are marked *