Thursday, March 17, 2011

Twitter adds option to always use HTTPS

Twitter has tweaked its security settings to offer an option to always enable Hypertext Transfer Protocol Secure, or HTTPS.

Although the more secure setting has always been available, in the past Twitter users had to browse specifically to https://twitter.com to take advantage of it. Now, the tighter security is a new option found in the Twitter settings page.

Clicking on your account name in Twitter and then selecting Settings brings up the appropriate page. From there, you'll see the new option at the bottom of the page. Checking "always use https" ensures that each Twitter session will now encrypt your username, password, and any other personal data.

The capability to use HTTPS is already the default option for Twitter's mobile iPhone app, according to a Twitter blog posted yesterday, but not for Twitter's mobile site. To enable the tighter security when browsing the mobile version, you'll still have to specify the address as https://mobile.twitter.com. Twitter also said that people who use a third-party mobile Twitter app will need to check to see if it allows for HTTPS.

Twitter added that it plans at some point to set up HTTPS as the default option on its Web site so that users won't need to manually enable it.

Offering stronger security than the standard HTTP, HTTPS uses SSL (Secure Sockets Layer) to encrypt and decrypt information passed back and forth over the Internet. Twitter sees the tighter security as a much-needed option for people who tweet over unsecured Wi-Fi networks.

The new option also follows a recent push by New York Sen. Charles Schumer who wrote to Amazon, Yahoo, and Twitter asking them to switch their default pages from HTTP to HTTPS to better protect people using public Wi-Fi connections.

-news.cnet.com

No comments:
Write comments

Note: Only a member of this blog may post a comment.