Tuesday, March 15, 2011

Twitter Enables Always-on SSL Encryption

Via WashingtonPost.com (Faster Forward Blog) -

Twitter is adding a security option that you should turn on immediately unless you think eavesdroppers could make more creative use of your account than you.

The San Francisco micro-blogging service now allows you to encrypt your use of the site — not just when you log in, as is already the case, but throughout. It’s often referred to as “always-on SSL,” (short for “Secure Sockets Layer,” the earliest level of encryption offered by financial sites) or “HTTPS” (after the prefix you’ll see in your browser instead of the usual “http”).


A blog post by Twitter spokeswoman Carolyn Penner explains how to choose this option: Log into the site, click the Settings link in the menu below your username at the top right of the page, scroll down and click the checkbox next to “Always use HTTPS.” Then click the Save button to keep those changes (you may need to enter your password again). The post also notes that while Twitter’s official iPhone and iPad applications also encrypt your session, its mobile does not — there, you’ll still need to type in or bookmark https://mobile.twitter.com yourself.

Twitter’s programs for Android, BlackBerry and other non-Apple devices don’t yet benefit from this new option either, Penner wrote in an e-mail. “We’re working on it,” she said.

No comments:

Post a Comment