Today, we’re taking an important step to make it easier to manage the security of your Twitter experience – we are adding a user setting that lets you always use HTTPS when accessing Twitter.com. Using HTTPS for your favorite Internet services is particularly important when using them over unsecured WiFi connections.
For some time, users have been able to use Twitter via HTTPS by going to https://twitter.com. We’ve made it simpler for users to do this by adding the option to always use HTTPS.
To turn on HTTPS, go to your settings and check the box next to “Always use HTTPS,” which is at the bottom of the page. This will improve the security of your account and better protect your information if you’re using Twitter over an unsecured Internet connection, like a public WiFi network, where someone may be able to eavesdrop on your site activity. In the future, we hope to make HTTPS the default setting.
We’ve already made this setting the default for a number of clients and activities. In these cases, HTTPS is used whether or not you’ve enabled the “Always use HTTPS” setting:
There are also a few instances where turning on HTTPS in your settings does not force HTTPS. For example, when accessing Twitter from your mobile browser, you need to go to https://mobile.twitter.com to use HTTPS for now. We are working on a solution that will share the “Always use HTTPS” setting across twitter.com and mobile.twitter.com, so you don’t have to think about which device you’re using when you want to check Twitter. If you use a third-party application, you should check to see if that app offers HTTPS.
Did someone say … cookies?