How to Access Gmail More Securely via HTTPS

HTTPS Browser
HTTPS means a secure connection to Gmail from your browser.

Yuri Samoilov; CC BY 2.0 license

HTTPS provides secure, encrypted access to Gmail in your browser. Please note that Gmail now only allows HTTPS secure connections. There is no option to connect without it.

Secure Gmail via HTTPS Is the Only Option

Note that secure HTTPS connections over TLS/SSL are, as of April 2014, the default and only option for all Gmail users and sessions; you need not do anything special or change any settings, neither in Gmail nor in your browser.

What Does HTTPS Access Do?

If you use HTTPS to connect to Gmail in your browser, all data sent from and to Gmail (including your emails) will be encrypted automatically as it is sent back and forth. Without the secret key to deciphering, all that data is incomprehensible to anybody, even if they gain access to it, say through a shared internet connection on public Wi-Fi.

HTTPS access also lets your computer verify the authenticity of the connection to Gmail via a trusted third party. This helps prevent a malicious site pretending to be Gmail to you (and you to Gmail, so they can display your account without you noticing their snooping on log-in information and emails).

You can even have Gmail enforce these secure HTTPS connections so you have no choice but be secure, at least as far as the traffic between you and Gmail is concerned.

Access Gmail More Securely via HTTPS

To encrypt all traffic between your browser and Gmail (so a traffic scanner on, say, your local network or a public WLAN cannot decipher it):

  • Access Gmail using
    • Note the 's' at the end of "https".
    • Type "" into your browser's address bar manually; then, you can create a bookmark.

Do watch out for people behind your back reading along! The emails are not encrypted on your computer's screen, and people might catch you typing your password, too. (Gmail two-step authentication offers some protection from the latter being exploited.)

Force Gmail to Always Use a Secure HTTPS Connection

To make Gmail use an encrypted HTTPS connection always and automatically:

  • Follow the Settings link in Gmail.
  • Go to the General category.
  • Make sure Always use https is selected under Browser connection.
  • Click Save Changes.

Note that HTTPS connections may be slower than using Gmail unencrypted. Enforcing HTTPS with the setting above could also cause errors on some mobile devices and Gmail mail checkers.