A Simple Way to Browse Email More Securely

If you like to be mobile with your computer, then you probably have used public Wi-Fi or perhaps even a pay-per-use Wi-Fi hotspot. If so, then you should be careful about how you read email while connected to one of these public access points. Most public Wi-Fi providers do not require you to make a secure connection to their wireless router. This leaves your transmissions easily readable by eavesdroppers. You can protect yourself with a very simple change to your web browsing behavior.

Open Wi-Fi

Wireless Communications IconIn a previous post, I discussed some of the mistakes that should be avoided when setting up your home’s wireless router (read Are You Making These Mistakes with Your Home Wi-Fi). One such mistake is leaving your access point “open”. Since public Wi-Fi access is usually “open” and you usually don’t have a choice about how to connect to a public access point, you should take precautions when surfing sites that may contain personal information.

Since communications between your laptop and the public access points are made over the air in an unencrypted manner, your email can be read by anybody who is savvy enough to start a free network sniffing program that is freely available for downloaded on the Internet. How much more careful about what your read at one of these hotspots would you be if you knew it was possible for someone to see the data that was being sent to our browser? How much personal information do you store in your email account?

HTTPS Browser Connections

There is something simple and easy you can do to ensure that you’re reading email securely. You can browse to your Gmail account without fear of prying eyes or network hackers. Simply use the HTTPS protocol when accessing your web email. HTTPS encrypts the data from your computer all the way back to the server you are browsing. Since the data is encrypted, even if someone is sniffing the network, they will not be able to determine what you are reading. The data simple looks like a bunch of random bits with no meaning.

Gmail and Yahoo

Browser Address Bar Showing \Both Gmail and Yahoo mail automatically redirect your browser to their “https” versions for login. This means that when you send your username and password to authenticate, it will be encrypted and secure. You can see this when browsing to mail.google.com or mail.yahoo.com. Go ahead and try it. Type “http://mail.yahoo.com” or “http://mail.google.com” in your browser’s address bar and see where you end up. You’ll notice that your browser now reflects the new address which begins with “https://”. Your browser is now using the HTTPS protocol to communicate with the login server.

A Gmail Advantage

The login process is only the beginning. Yes, your login information is secure, but unless you specifically tell the browser to use the “https://” address, your security encryption ends at the login for Gmail users. Browsing to http://mail.google.com will encrypt the login information only, but browsing to “https://mail.google.com” will not only encrypt your login, but your entire session as well. All the information sent to and from your computer to Google mail will be protected along with your username and password. This is one advance Gmail has over Yahoo mail. Yahoo mail will not encrypt the entire session even though you specify “https://” in the address bar.

A Secure HTTPS Session

http_browsing_statusbar Notice the “lock” icon in your browsers status bar. It is usually located somewhere near the bottom right of your browser window. If the lock icon is present, it means that your session with the web server is encrypted. Gmail uses will see the lock for the entire session (if they have browsed to the “https://” version of the page), but Yahoo users only see it at the login screen.

Other Web Email

Most mail programs provided by your ISP or hosting service do include web email. Try to access your web mail via the HTTPS address and see what happens.

Bottom Line

Be careful when browsing at public Wi-Fi hot spots. Try to use the HTTPS protocol for web mail because it can protect your privacy and security. At this point, it looks like Google has the advantage over Yahoo in this department. Don’t forget to bookmark https://mail.google.com and https://mail.yahoo.com to ensure you always use the secure pages when possible.

This post was written by:

- who has written 66 posts on It Does Compute.

Contact the author

6 Responses to “A Simple Way to Browse Email More Securely”

  1. John B says:

    Great advice. Thanks for pointing this out. I wonder why Yahoo does not do the same thing.

  2. @JohnB

    I’m not sure why Yahoo does not provide a secure email browsing. Perhaps they do not have the infrastructure in place at this time to support the SSL encryption for reading email vs. just logging in. There doesn’t seem to be any mention of why on their support pages. Maybe they will add the feature at a later date.

  3. A.S.Pardesi says:

    Thanks a lot ! I really got stumbled upon this information. I was not aware. Now I have every reason to believe it.

    Thanks once again.

  4. Same here…Thanks for the info..I just came across this.

  5. paul says:

    i’ve done tests at local wifi hotspots. it’s shocking how many people do sensitive network transactions at these open network nodes. i could sniff IM conversations, pick up FTP login credentials, etc. now, i’m not a malicious person and was simply doing this for testing. can you imagine if i were? snooping mail sessions was also one that came up a lot. watch what services you use when on a public wifi! People are watching – and some are not nice.

  6. Dave says:

    Just bookmarked https://mail.google.com. I am glad to know that Gmail can be encrypted for the entire session using https. Thanks for the info!


Related Sites