Making Twitter more secure: HTTPS

By
Tuesday, 15 March 2011

Today, we’re taking an important step to make it easier to manage the security of your Twitter experience – we are adding a user setting that lets you always use HTTPS when accessing Twitter.com. Using HTTPS for your favorite Internet services is particularly important when using them over unsecured WiFi connections.

For some time, users have been able to use Twitter via HTTPS by going to https://twitter.com. We’ve made it simpler for users to do this by adding the option to always use HTTPS.

To turn on HTTPS, go to your settings and check the box next to “Always use HTTPS,” which is at the bottom of the page. This will improve the security of your account and better protect your information if you’re using Twitter over an unsecured Internet connection, like a public WiFi network, where someone may be able to eavesdrop on your site activity. In the future, we hope to make HTTPS the default setting.

Making Twitter more secure: HTTPS
We’ve already made this setting the default for a number of clients and activities. In these cases, HTTPS is used whether or not you’ve enabled the “Always use HTTPS” setting:

  • When you log into Twitter, so your password stays protected.
  • On the official Twitter for iPhone and iPad mobile application.

There are also a few instances where turning on HTTPS in your settings does not force HTTPS. For example, when accessing Twitter from your mobile browser, you need to go to https://mobile.twitter.com to use HTTPS for now. We are working on a solution that will share the “Always use HTTPS” setting across twitter.com and mobile.twitter.com, so you don’t have to think about which device you’re using when you want to check Twitter. If you use a third-party application, you should check to see if that app offers HTTPS.