Gmail Now Uses Secure HTTPS Connection by Default

When you see a web address that starts with https, it’s typically for something important like your bank account or online shopping.  That prefix means the information you submit – credit cards, home addresses, or social security numbers – are kept private between your computer and the site you’re visiting.

Gmail started offering secure https access to their web-based email service in 2008, but it was optional and had to be manually enabled in your settings.  Google explains that they were reluctant to push https access to all users because with extra security comes a compromise: secure data travels slower than unsecure data.  After looking at the security/latency tradeoff for web applications, however, they decided to encrypt all traffic by default.

The new https feature is currently being rolled out to all Gmail users, but you can set it manually yourself in Gmail settings if it hasn’t taken effect yet.  For users already using https in Gmail – good work, you’ll notice no difference!

[Official Gmail Blog]