Gmail users until now had the choice to use http or https when connecting to the Gmail web service.
Http offered performance advantages while https made up for it with an increase in security. All users had to do was to either add use http or https and Gmail would honor the request and load the website using the selected protocol.
Users who wanted to use https all the time for improved security were able to make a permanent switch to https in the settings so that http requests would automatically be redirected to https during connect.
Changes have been announced to the way http and https connections are handled in Gmail in light of recent events. Google decided to roll out https for all users so that all requests, regardless of protocol, are redirected to https automatically from now on.
Update: The option to switch back to http is no longer provided. Gmail users need to connect using https.
Users who are confident in their network security can change this behavior in the Gmail options which basically has been swapped. Now it is possible to enable the http protocol in the options.
We are currently rolling out default https for everyone. If you've previously set your own https preference from Gmail Settings, nothing will change for your account. If you trust the security of your network and don't want default https turned on for performance reasons, you can turn it off at any time by choosing "Don't always use https" from the Settings menu. Gmail will still always encrypt the login page to protect your password. Google Apps users whose admins have not already defaulted their entire domains to https will have the same option.
Gmail users who are using the service offline will likely experience some problems, namely that the mail does not sync anymore and that shortcuts and bookmarks might behave differently. Google has provided a solution for this:
The quickest way to fix this is to disable the 'Always use https' option, so you're accessing Gmail through an HTTP connection.
But, because using https is a more secure way of signing in to Gmail, we recommend that you switch your Offline Gmail so that it syncs with the https URL rather than http. To do so, follow these steps:
1) Make sure you're online. You won't be able to follow these steps while offline. You can always start over later, if you get disconnected.
2) Switch to http, not https. This is a temporary step. You'll switch back to https in step 5.
a) Go to Settings.
b) In the "Browser Connection" section, choose "Don't always use https", and hit Save.
c) Go to http://mail.google.com.
3) Your mail will sync automatically. Wait until your Outbox is empty, and the sync icon is a check-mark.
4) Uninstall http Offline Gmail:
a) Click the sync icon.
b) Click Show Actions
c) Click Disable Offline Mail
d) When asked it you want to remove all mail, select Remove.
5) Switch back to https:
a) Go to Settings/Browser Connection.
b) Select "Always use https", and hit Save.
c) You'll automatically be directed to https://mail.google.com. 6) Install Offline Gmail on https. (If you've already done this, you can skip this step.)
a) Click Settings.
b) Click the Offline tab.
c) Click Enable Offline Mail for this computer and hit Save Changes. 7) (optional) Delete any old bookmarks or desktop shortcuts that go to http. Consider making new bookmarks that point to https. The http URL will still work while you're online, but not while you're offline, so it's best to replace them, if you normally access Gmail using bookmarks or shortcuts.