Jump to content
Login new information ×
Login new information
Donations campaign phase one 2024

Gmail’s new security indicators

Batu69

By Batu69
in Security & Privacy Center

Recommended Posts

Batu69

Batu69

Posted
Posted

Google added two new security indicators to its email service Gmail which reveal TLS encryption support and whether the sender could be authenticated.

Many popular email services, including Gmail, support TLS (Transport Layer Security) encryption to protect data while it is in transit.

 

TLS is only useful if both the sending and receiving email service supports it, and one of the new features highlights on Gmail when TSL encryption is not supported by another service.

 

Gmail highlights the fact with a red open padlock image in the email header. You can click on the lock icon to display additional information, but it means effectively that the third-party mail server did not encrypt the message (likely because it is not configured to use TLS).

 

3cEOpr8.jpg

 

The red open padlock icon is displayed for receiving emails but may also be displayed when you are composing emails.

 

Quote

If you see the red padlock while composing a message
Don’t send confidential material, like tax forms or contracts, to that email address.

 

If you see the red padlock when viewing a received message
This message was sent unencrypted. In most cases, there’s nothing you can do. If it contained particularly sensitive content, you should let the sender know and they can contact their email service provider.

 

The second new security feature on the Gmail website is subtle. If the sender of an email address cannot be authenticated, you will see a red question mark instead of a profile photo, avatar or the default blank profile icon.

 

5p2fI8Y.jpg

 

You can look up authentication information with a click on the down arrow icon next underneath the name of the sender of the email.

This displays mailed-by and signed-by information in an overlay, and you will notice that those two won't match usually if the sender could not be authenticated.

 

Quote

For example, if you see messages claiming to be from google.com, but are not properly authenticated as coming from google.com, these are phishing messages. You should not enter or send any personal information. Remember, Google will never ask you to send personal information.

 

Additional information about the two new features are provided on the official Gmail blog.

 

Article source

Link to comment
Share on other sites
  • Views 1k
  • Created
  • Last Reply

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...