If you haven’t heard already Google has finally added a feature to gmail that allows you to use SSL (https) for all traffic from your browser to the site. Until recently while your login was secure everything you saw in the gmail page was sent over normal unencrypted http. As it turns out someone has found a flaw in gmail’s authentication which will let people get fairly easy access to your account if you don’t use https all the time.
So if you’re a frequent gmail web client user log into gmail right now, click settings in the upper right corner. Under here select “Always use https” under browser connection. Google claims your connection might be a bit slower due to the encryption but I haven’t notice any slowdown.
Thanks for the tip!