Twitter Finally Enables HTTPS as a Default Setting

Tuesday, February 14, 2012



Twitter is finally offering the users a secure, encrypted connection via HTTPS as the default setting for accounts, rather than merely as an option.

Among other security benefits, the HTTPS feature will prevent users from having their login credentials stolen by attackers who may attempt to harvest passwords when users access their accounts over unencrypted Wi-Fi networks.

With little fanfare, the important decision to enhance user security was announced on the Twitter Blog:

"Last year, we added the option to always use HTTPS when accessing on the web. This setting makes your Twitter experience more secure by protecting your information, and it’s especially helpful if you use Twitter over an unsecured Internet connection like a public wi-fi network."

"Now, HTTPS will be on by default for all users, whenever you sign in to If you prefer not use it, you can turn it off on your Account Settings page. HTTPS is one of the best ways to keep your account safe and it will only get better as we continue to improve HTTPS support on our web and mobile clients."

Prior to this move by Twitter, users had the option to "Always Use HTTPS" by accessing their account settings and manually enabling the feature.

Last year, Facebook has also added the option to access accounts over a secure, encrypted HTTPS connection. If you have not enabled the option yet, you should take a minute to do so now.

To enable the the HTTPS feature on your Facebook account, open the "Account Settings" on your account and go to "Security". Check under the "Secure Browsing" for the HTTPS option.

Possibly Related Articles:
Encryption Passwords SSL Twitter Privacy Authentication Social Media Headlines WiFi HTTPS Security Login Default Settings
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.