Twitter makes HTTPS default setting


Twitter has upped security for its users by turning HTTPS on by default, meaning tweeters won't have to switch it on for themselves.

It means all tweets will now be encrypted, therefore all but killing off any Wi-Fi snooping threats.

"This setting makes your Twitter experience more secure by protecting your information, and it's especially helpful if you use Twitter over an unsecured Internet connection like a public Wi-Fi network," the company said in a blog post.

"Now, HTTPS will be on by default for all users, whenever you sign in to If you prefer not use it, you can turn it off on your Account Settings page. HTTPS is one of the best ways to keep your account safe and it will only get better as we continue to improve HTTPS support on our web and mobile clients."

Twitter initially made HTTPS an opt-in feature in March last year.

HTTPS is one of the best ways to keep your account safe.

Facebook also has an option to turn HTTPS on permanently but there has been no indication it will be made a default setting.

There remain issues with SSL protection, however. In particular, the certificate authority (CA) system, which relies on providers handing out HTTPS keys, has been heavily criticised.

If a CA is compromised, hackers can set up fake websites which look like the real thing. For instance, a fake Twitter website could be set up to dupe users out of data.

Tom Brewster

Tom Brewster is currently an associate editor at Forbes and an award-winning journalist who covers cyber security, surveillance, and privacy. Starting his career at ITPro as a staff writer and working up to a senior staff writer role, Tom has been covering the tech industry for more than ten years and is considered one of the leading journalists in his specialism.

He is a proud alum of the University of Sheffield where he secured an undergraduate degree in English Literature before undertaking a certification from General Assembly in web development.