Google will switch from http to the encrypted https by default for every Gmail customer after deciding that the potential slowing of its service is justified by more secure mail.
Google had allowed people to choose to use the encrypted https if they wanted to, launching the option back in 2008.
However, after an investigation into the impact to the service, Google has decided to make https standard for all, with the option to turn it off.
"In 2008, we rolled out the option to always use https — encrypting your mail as it travels between your web browser and our servers," blogged Gmail Engineering Director Sam Schillace,
"Using https helps protect data from being snooped by third parties, such as in public wifi hotspots. We initially left the choice of using it up to you because there's a downside: https can make your mail slower since encrypted data doesn't travel across the web as quickly as unencrypted data.
"Over the last few months, we've been researching the security/latency tradeoff and decided that turning https on for everyone was the right thing to do."
"We are currently rolling out default https for everyone," he adds. "If you've previously set your own https preference from Gmail Settings, nothing will change for your account.
"If you trust the security of your network and don't want default https turned on for performance reasons, you can turn it off at any time by choosing "Don't always use https" from the Settings menu.
"Gmail will still always encrypt the login page to protect your password. Google Apps users whose admins have not already defaulted their entire domains to https will have the same option."
There are some issues with offline Gmail, with Google posting a help page to work around it.