If you're using a WiFi connection to access your gmail account, someone snooping on the network could intercept the signals and read your e-mails. How? Because gmail, by default doesn't encrypt your e-mail data (it does however encrypt your password, but only when you login). So, what to do?

When you access gmail, normall you type in gmail.com or http://gmail.com or http://www.gmail.com. This means of accessing gmail is not secure. The solution? Add an 's'.

By adding an 's' at the end of 'http' you convert your connection to the gmail servers to a secure one.
So, use https://gmail.com when you're already logged on, BUT:

To avoid a weird certificate dialog box change the URL in your gmail favorite/bookmark to https://mail.google.com.

Adding the 's' should be able to protect you from any WiFi snoopers. I hope it helps.

Yes, I've been wondering about this for a while. Why don't they use https by default? As far as I know, the only way of using the secure protocol is to explicitly type the s once logged in.

Thanks for the tip.

I knew about this but your thread reminded me to pass the information along to my father. Thanks.

I get a popup asking if I want to view unsecure contents and the little padlock goes away once gmail is fully loaded. The url still says https though, does that matter?
Edit: the padlock stays if I click no on the popup I just noticed and the page looks the same to me. Does that mean the email is also more secure on regular computers? I use gmail for personal email at work but since I'm under the impression that the IT department could still read the emails if they realy wanted I haven't used it much.

@Vitnir:
If it says https it should be secure. Where exactly is the padlock? Is it to the left of the https?
It also is more secure on regular wired networks since the data itself is encrypted.
I mentioned WiFi more because it is easier to intercept WiFi signals with a computer than to intercept data on a wired network.

The padlock icon is located to the left of the icon that tells you what security zone you are in on the bottom of the window, I'm forced to use Micro$oft Exploder at work.
I'm just curious because if I let the browser show material that doesnt use the security protocol the ads from google still shows up.

I know email is secure enough for personal use but I have never written anything realy personal in a email and the IT department have the possibility to view my emails if it's not encrypted.
It doesnt bother me that much that NSA is probably decrypting it live anyway to see if I mention anything related to terrorism. If I was writing something that sensitive I would use PGP for sure.