First it was Facebook, and now it’s Twitter – both social networks have finally gotten around to turning on always-on HTTPS to make sure that users logged in to their Web sites are always sending data encrypted when they’re logged in, managing their profiles, posting, and communicating with friends. Considering the number of hijacked accounts is becoming an issue, and the fact that apps like Firesheep allow people on the same network as the user to pull that user’s Twitter or Facebook password in clear text, it makes sense for Twitter to give users the option to use HTTPS for all of their connections.
Now, however, it’s up to developers of third-party apps to leverage HTTPS or SSL in their apps to make sure they’re not defaulting to the old method of passing Twitter logins and can take advantage of the new security.
You’ll find the option in the image above in your Twitter account settings – so when you’re logged in, just click your username in the upper right, then choose “Settings,” and scroll to the bottom of the page. Do yourself a favor and turn this on, right now. Oh! And while you’re there, follow me @halophoenix!