Gmail now warns about insecure email accounts

Whenever you visit a secure website (https://), the thing that makes it secure is SSL/TLS encryption (TLS is the successor to SSL, but the terms are often used interchangeably).

SSL/TLS encryption is also used to secure emails in transit so that they cannot be intercepted and read by a third party (other than the email provider). Although most email providers now support SSL/TLS, not all do, which is a terrible security risk, as bank details, account passwords, and other intimate information is often sent via email.

To mark Safer Internet Day on 9 February, Google announced that it will now warn users when they receive a message from, or are about to send a message to, someone using an email service that does not support TLS encryption.

Unencrypted Message

Gmail has always supported encryption in transit using TLS, and will automatically encrypt your incoming and outgoing emails if it can. We support industry-standard authentication to help combat email impersonation. And there are tons of other security measures running behind the scenes to keep your email safe.

Of course, it takes at least two people to send and receive an email, so it’s really important that other services take similar measures to protect your messages—not just Gmail. Unfortunately, not all email services do.

If you see the broken padlock icon it should be safe to communicate with the other party, but it is not safe to send sensitive information over such an insecure connection. Do remember, however, that even when secured using TLS, messages can still be read by both the sender and receiver’s email provider (and in Gmail’s case, Google scans all emails in order to deliver targeted advertising).

Google will also attempt to authenticate any email you receive in order to verify that it comes from the sender it claims to come from.  If there is doubt, you will see a question mark in place of the sender’s photo, in which case you should exercise extreme caution when replying.

Douglas Crawford I am a freelance writer, technology enthusiast, and lover of life who enjoys spinning words and sharing knowledge for a living. Find me on Google+

Related Coverage


2 responses to “Gmail now warns about insecure email accounts

    1. Hi Shawn,

      According to Google’s official blog post, this feature has been accurate since last Tuesday (9 February). Yoy reason you haven’t seen it might simply be that you haven’t received any insecure emails. I assume it is also for Google Business accounts, but am afarid that I don’t know for sure.

Leave a Reply

Your email address will not be published. Required fields are marked *