Gmail recently rolled out a change to its settings, where now you can permanently turn on SSL encryption. Do it now—your personal data will thank you for it. Besides, it’s going to get a lot easier to hack Gmail sessions very soon, because some guy is planning on releasing a hacking tool to the public in order to force Google to implement better security. [monkey_bites]
More From Consumerist
-
Even Randi Zuckerberg Is Confused When It Comes To Setting Facebook Privacy Controls
-
Remember When Facebook Changed Your Default Email To The One It Provides That You Never Use?
-
Facebook’s New Privacy Controls Rolling Out Soon: Here’s What’s About To Happen
-
Gizmodo Places Bounty On Pics Of Facebook’s Mark Zuckerberg
-
TSA Chief Admits He Could’ve Rolled Out The Knives On Planes Policy In A Better Way
It would be helpful if you could tell those of us not in the know what exactly that means and how we can turn it on. Thanks!
i hope i don’t sound too clueless, but how do you change this setting? i couldn’t find it…
Go to Settings, its the Last option, “Always use HTTPS”
Turn it on. Easy as Pie.
@thebluepill:
Hooray! Thank you!
BTW, You will need the new HTTPS version of the Gmail Notifier;
[www.google.com]
It’s also in the Monkey Bites link (with screenshot).
Google has been rolling out the setting in stages, so if it’s not where thebluepill says, keep looking for it in the days to come. (I think it should be pretty much rolled-out now.)
THANK YOU! This is excellent information! I honestly haven’t read about this elsewhere on the internets, and, I appreciate that it was brought to me through one of my favorite sites.
Thank you, Consumerist for keeping my ass out of trouble (again)!
It is definitely NOT rolled out to google apps users yet.
Any word on if this will be rolled out to GApps users? I want SSL.
As soon as I did this, I got kicked out of Google chat and cannot log back in. I’m “experiencing technical difficulties”.
@thebluepill: Thank you!
I’ve had a Gmail account comprimised once before, so anything else I can do to keep it from happening again (aside from coming up with an even more complicated, random password) is A-OK with me.
“Do it now-your personal data will thank you for it” — unless you turn on the setting and are unable to access said personal data because mobile Google Apps don’t yet support the feature.
@mhkohne: Looks like it actually is, it’s just not active for all Apps services or for non-premier accounts. These are the directions I used to force my e-mail into HTTPS:
[www.google.com]
When this feature hit my account, it was turned on by default, FWIW.
I would have missed this, thanks Chris!
@dripdrop: to answer your first question, SSL is the Secure Socket Layer. Along with Transport Layer Security (TLS) they are cryptographic (coded so that others won’t be able to tell what it is if they intercept it) protocols (a specific method of accomplishing a task, in this case getting two computers to talk to eachother). Whenever you see “https://…” you know it is using a secure protocol to deliver the page. This is important because that security works both ways. What the website sends to you is encrypted, and what you send them is too.
Hope that helps.
for those of you that use Google Apps to handle your domain’s email, the HTTPS feature does not yet seem to be implemented yet.
i hope so, soon.
I’ve been using Gmail over IMAP via a standard client-side e-mail program (think Outlook, Thunderbird, etc.). Gmail has support for SSL and TLS over IMAP as well.
Thanks for the heads up!
Added bonus: My work blocks the chat functionality inside Gmail, but with SSL and [] it works just fine!
@Underpants Gnome: Thats h t t p s : / / not ‘[]‘
/hates getting outsmarted by the comment engine
Don’t be fooled. Sure the connection between your computer and Google are secure then but between Google and who ever you send an email to – who knows?