Did you noticed that when you log into your Gmail account, the default connection for user validation is via SSL, however once your Inbox is loaded, the connection is redirected to non-secure ordinary http://.
When you change the URL prefix to secure mode (https), it reconnect to your Inbox via SSL and then retain the SSL connection for the remainder of the session. So there is a secure mode, it is not just configured as default setting. This behavior is the same regardless across different browsers (Firefox or IE).
If you frequently connect to your Gmail account via public WIFI access points, you should be concerned. With the frequent "Man In the Middle" or commonly known as MITM attack, using a secured connection as much as posssible on authenticated sessions is now a must.
There is an option force your Gmail account to login securely.
- Once you are login, click on the “Settings” link located on the upper portion
- Once inside the Settings, scroll down to “browser connection” wherein there is a radio button. Select “Always use https”.
- Click save and logout
- When you try to login again, your connection should be https by default
Enjoy checking your email securely…..
nice tip
nice tip