Finally, Twitter enables HTTPS by default

Twitter users are now getting sessions encrypted with 128-bit encryption by default.

Twitter has turned on HTTPS by default, offering 128-bit encryption for users connecting to its service.

The company had originally offered the option for users to use HTTPS when browsing but this had to be turned on via a partially-hidden setting.

Now comes the announcement that the security setting in on b default:

Last year, we added the option to always use HTTPS when accessing on the web. This setting makes your Twitter experience more secure by protecting your information, and it’s especially helpful if you use Twitter over an unsecured Internet connection like a public wi-fi network.

Now, HTTPS will be on by default for all users, whenever you sign in to If you prefer not use it, you can turn it off on your Account Settings page. HTTPS is one of the best ways to keep your account safe and it will only get better as we continue to improve HTTPS support on our web and mobile clients.

follow Ryan Naraine on twitter

[ SEE: Ten little things to secure your online presence ]

This announcement follows clear signs that Twitter is getting security religion.  The company recently acquired Moxie Marlinspike's Whisper Systems, a start-up that developed encryption for mobile devices.

Twitter also bought Dasient, an anti-malware company with roots at Google.

See more from Adrian Kingsley-Hughes.