At this year’s DefCon, a security problem inherent to the default settings in GMail was unveiled. The problem is that, by default, GMail does not use encrypted sessions.
This can be a problem if you use public computers, because the session key might be retrievable. With the session key in hand, access is apparently simple enough to gain.
Luckily, this is simply corrected. Here’s how:
-
- Log in to GMail
- Go to “settings”
- In the General tab, find the “Browser connection” setting
- Set it like so:
By posting a comment, you consent to our collecting the information you enter. See privacy policy for more information.