Good news Twitter users - HTTPS now enabled by default

Summary:HTTPS now default.

Twittrer has taken a step that should help keep us all safer, and enabled HTTPS as the default access option for all users.

Using HTTPS secures the communication between the device and Twitter's servers by encrypting the data being sent and received. This is especially good news if you connect to Twitter from unsecured WiFi connections (such as those you find at coffee shops, hotels and so on) because if you're not making use of HTTPS encryption hen you're vulnerable to having your session cookie captured by any bad guys (or pranksters) that might be around, and if your session cookie is captured, then that person can pretend to be you and sent tweets on your behalf and access your direct messages.

Grabbing your session cookie is pretty bad because whoever has access to it can continue to account even after you've changed your password. In act, unless you wait for the cookie to expire you have to deauthorize any apps that the bad guy has authorized. Here's how you do that:

  • Click on the Profile icon and the choose Settings

  • From there click on Apps in the menu on the left hand side and then review the authorized apps. Revoke access from any that you feel are suspect.
  • That's it!

And don't think that you have to be a master genius like Lex Luthor to grab session cookies. You don't! In fact it's easy to do with a tool like Firesheep.

Trust no one!

Related:

Topics: Social Enterprise

About

Adrian Kingsley-Hughes is an internationally published technology author who has devoted over a decade to helping users get the most from technology -- whether that be by learning to program, building a PC from a pile of parts, or helping them get the most from their new MP3 player or digital camera.Adrian has authored/co-authored technic... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.