Last year Facebook had a big problem making sure that user information was properly secured. However, since then the company has made a lot of changes to its privacy settings. One of the first changes was to prevent third-party applications from accessing personal information without permission. After the Firesheep vunerablity late last year, Facebook decided to plug some more security holes by encrypting all content including passwords over a https connection.
Most users do not realize that using an unsecured WiFi network for banking, Facebook, or even checking email is a terrible idea. This isn’t to say that you shouldn’t go to Starbucks and hop on the free WiFi, but it is important to keep connection secure in an unsafe environment. Using the https protocol to keep data transfer between your browser and a website encrypted is essential. Usually this isn’t a problem since most websites automatically use https when it comes time to send and receive personal information, such as a password. Facebook does use this, only during login.
Last year many people had problems when Facebook changed privacy settings which allowed third-party applications to gain access to personal information. After plenty of bad PR the company is taking plenty of caution before adding new features without notifying users. With the amount of personal information that users put on Facebook, vulnerabilities becomes a huge privacy issue. Keeping personal information private should be the highest priority for the company. At the moment, the https option is an opt-in feature and the company should consider making it the default option.
How To Enable Https Browsing
- Click on th Account Settings link in the Account drop down at the top right.
- In the Settings tab, click “change” next to Account Security.
- Check the Secure Browsing (https) box and click Save.
- Congratulations you are now browsing Facebook securely.
There are probably many reasons why Facebook has not switched entirely to https, but it is an important security hole that needs to be plugged. The company could be working to make sure everything is up to par before rolling it out to everyone. Facebook may also be wary of changing default security settings for users without their permission. In any case, this is a much-needed security improvement, and I hope that it rolls out to everyone without the need to opt-in. Check below for instructions on how to enable the https feature.
Sharath, I wrote this post on my Blog a few weeks ago that you and your readers may find useful.
It just outlines how to can protect yourself while you are online using Facebook, Gmail and other websites.