How to protect your Gmail account

How to protect your Gmail account 2008 09 04 1249
Enabling SSL in Gmail

Researchers at the at a Defcon hackers’ conference revealed a flaw in the way Google’s Gmail handles session cookies. According to the Hacking Truths. web site:

The problem lies with the fact that every time you access anything on Gmail, even an image, your browser also sends your cookie to the website. This makes it possible for an attacker sniffing traffic on the network to insert an image served from http://mail.google.com and force your browser to send the cookie file, thus getting your session ID.

However, Google does provide a way to prevent that risk.  Login to your Gmail account and click the Settings link in the upper right hand corner of the page.  At the bottom of that page look for the Browser connection section and make sure that Always use https is enabled.

How to protect your Gmail account NIKON D3 D3S7474 20131207 500

Husband, father, information security professional and avid photographer living at the junction of Montgomery Township, Rocky Hill and Princeton Township, New Jersey.

Liked this post? Follow this blog to get more. 

Got some feedback? Please leave a comment below.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

To respond on your own website, enter the URL of your response which should contain a link to this post's permalink URL. Your response will then appear (possibly after moderation) on this page. Want to update or remove your response? Update or delete your post and re-enter your post's URL again. (Learn More)