Have you ever had your Facebook account hacked? Have your friends received odd wall postings from you asking them to click a link to win a free iPad or to join the latest weight loss craze? Well now Facebook has an answer for your woes.
Facebook has finally announced what security experts have long been begging for — encryption protection to prevent user accounts from being compromised when they are interacting on the site.
Facebook will use HTTPS (Hypertext Transfer Protocol Secure) when users log into their accounts, meaning everything a user does on the site will be encrypted if he/she turns the feature on.
Enabling full-session HTTPS eliminates the dangerous ability for attackers to use tools like the Firefox “Firesheep” plug-in to intercept communications between a user’s computer and the Facebook server over Wi-Fi. “Starting today we’ll provide you with the ability to experience Facebook entirely over HTTPS. You should consider enabling this option if you frequently use Facebook from public Internet access points found at coffee shops, airports, libraries, or schools,” an official Facebook post said. “The option will exist as part of our advanced security features, which you can find in the Account Security section of the Account Settings page.”
The upside of using HTTPS means better safety on the rapidly growing and popular social networking site. But the downside may mean that some pages will take longer to load, and some third-party applications and games aren’t currently supported at all.
“Every user’s Facebook page is unique and it’s been complex pulling together all the different parts,” said Facebook Chief Security Officer Joe Sullivan when asked how long before HTTPS will become the default setting. “We hope to offer HTTPS as a default whenever you are using Facebook sometime in the future,” Sullivan said.
