Twitter Switches to HTTPS by Default for Everyone

The site already offered HTTPS support, but users had to enable it

By on February 14th, 2012 15:11 GMT

Twitter has made a small but important change, the site now uses HTTPS by default for everyone. This means that connections to the site are directed via the secured HTTPS protocol rather than the typical HTTP.

All the data, written tweets, your subscriptions and so on, is sent encrypted making it close to impossible to be intercepted and decoded.

HTTPS is by no means failsafe, but it's a huge update from the previous way of doing things, which was essentially to send everything in the plain with no protection whatsoever. Of course, most websites don't use HTTPS, so Twitter was hardly the exception.

"Last year, we added the option to always use HTTPS when accessing Twitter.com on the web," Twitter wrote.

"This setting makes your Twitter experience more secure by protecting your information, and it’s especially helpful if you use Twitter over an unsecured Internet connection like a public wi-fi network," it explained.

"Now, HTTPS will be on by default for all users, whenever you sign in to Twitter.com. If you prefer not use it, you can turn it off on your Account Settings page," it announced.

"HTTPS is one of the best ways to keep your account safe and it will only get better as we continue to improve HTTPS support on our web and mobile clients," it added.

Twitter joins a few other large websites that have switched on HTTPS connections by default, Gmail and more recently Google Search, for example.

Users were already able to switch to HTTPS and make the switch permanent via the Twitter settings, but it involved people actively taking the step. Relying on the users to protect themselves is hardly a good idea.

Users can still revert to the regular HTTP if they are having problems with the HTTPS connection, but very few will actually need to do that.

Comments