Twitter increases Security

Following Google and Facebook, on Tuesday this week Twitter added a new feature to its website: https access. Users can enable the secure access by going to their settings and check the box “Always use HTTPS” found at the bottom of the page.

Enabling this improves the security of your account by making the communication with the website secure as the communication gets encrypted. When using non encrypted WiFi connections, this prevents tools like Firesheep to take control over your session because the communication is now encrypted and only your browser is able to decrypt it.

Twitter mention in their blog that “in the future, we hope to make HTTPS the default setting”. At the moment, this is default for the login on Twitter and for the official applications for iPhone and iPad. And what happened with Android, Symbian and Windows Mobile?

Another problem is that the browsers on mobile devices accessing mobile.twitter.com are not able to switch automatically to a secure session even if the feature is activated. In order to use a secured session, you need to type in https://mobile.twitter.com. Twitter promised that they are working on a solution for this problem.

Sorin Mustaca
Data Security Expert