Original URL: http://www.theregister.co.uk/2011/03/16/twitter_adds_https_opt_in_tick_box/

Twitter adds HTTPS opt-in button to micro-blogging service

Please RT: SSL crypto is, like, so sexy right now

By Kelly Fiveash

Posted in Applications, 16th March 2011 11:09 GMT

Twitter has followed in the footsteps of Facebook by offering an opt-in "always on" HTTPS setting to users of its micro-blogging service.

The Secure Sockets Layer (SSL) encryption protects Twitter users who access the service over unsecured Wi-Fi connections.

"This will improve the security of your account and better protect your information if you’re using Twitter over an unsecured Internet connection, like a public WiFi network, where someone may be able to eavesdrop on your site activity," said the company's Carolyn Penner in a blog post.

"In the future, we hope to make HTTPS the default setting."

However, accessing Twitter from a mobile browser does not force HTTPS even when it is switched on via the settings page.

As a work around, Twitter is telling users to access the service through https://mobile.twitter.com for the time being.

"We are working on a solution that will share the “Always use HTTPS” setting across twitter.com and mobile.twitter.com, so you don’t have to think about which device you’re using when you want to check Twitter," said Penner. "If you use a third-party application, you should check to see if that app offers HTTPS." ®