Security and privacy advocates have been pushing online service providers to offer better protection for their customers, and to start offering secure HTTPS connections by default. HTTPS allows you to securely encrypt traffic to and from the server, and for example, protects us from having our usernames, and passwords sniffed out on public networks. Gmail offers users the ability to enable HTTPS as a
default connection type
(highly recommended), but for the average user, it probably never comes to mind. Email accounts have become a primary hub for password recovery, and many people don’t realize just how painful losing control of one can be until it happens first hand.
This could change in the near future as reported by Google software engineer Alma Whitten in a blog post that claims, we are “looking into whether it would make sense to turn on HTTPS as the default for all Gmail users”. Currently, they are conducting research into the performance impact of rolling this out across the board, but this is a promising step in the right direction. Google is also considering making secure connections the default for other services such as Docs and Calendar.
Secure connections used to be considered very processor intensive for servers, but like anything else, this has become less true as CPU speeds continue to climb. "Unless there are negative effects on the user experience or it's otherwise impractical, we intend to turn on HTTPS by default more broadly, hopefully for all Gmail users," the post says.