Gmail

update 13jan10: Looks like Google just made HTTPS the default for Gmail.

For reasons unknown, Gmail defaults to plain HTTP. You can remedy this by configuring Gmail to use HTTPS. This makes Gmail much, much more secure especially when logging in over an unprotected WiFi connection like in a coffeehouse.

By changing Gmail to use HTTPS you get an SSL-encrypted login instead. Now your Gmail password is always encrypted when you log-in. Why this isn't Gmail's default is beyond me. Let's fix it.

When logged into your Gmail account, select "settings" in the upper right corner.

Under "Browser connection:" select "Always use https" and then "Save Changes".

Gmail with HTTPS enabled will make it run a little slower, a small price to pay for security IMHO. Remember to end your Gmail session by clicking Sign out at the top of the page and close all Gmail browser windows.

Now go tell everyone you know to do this too.