Twitter users get extra security with HTTPS

  • Published
Twitter secure icon
Image caption,

Users choosing to log on with HTTPS will see the padlock icon

Twitter users are being given the option of logging on to the site through a secure connection.

The "always use HTTPS" setting has been introduced to help stop hackers who target people as they connect over public wi-fi.

The same type of technology is used to protect online bank accounts and electronic purchases.

Switching to HTTPS on Twitter is not compulsory, but most security experts say it is a good idea.

The microblogging site has been trialing the use of HTTPS for some time, external, however users had to access it by a slightly different address.

They can now use it automatically by changing an option in Twitter's security settings.

HTTPS, or Hypertext Transfer Protocol Secure, creates a secure channel within an internet connection by checking a website's authenticity with certain approved certificate authorities.

Hacked accounts

Unsecured wireless connections are susceptible to certain types of hacking, such as "man-in-the-middle" attacks, where criminals intercept the data stream and monitor whatever passes through.

Although relatively little personal information is exchanged over Twitter, compared to services such as internet banking, hacked accounts can be problematic, according to Graham Cluley from security firm Sophos.

"It is not so much about snooping on what someone says," said Mr Cluley.

"What has happened in the past is that high profile people have had their account snatched.

"When that person is someone like Ashton Kutcher who has six million followers, then someone can send a message from them that might be spam or phishing or malware," he said.

While HTTPS offers greater protection, using the system can slow down access to a service because of the multiple round-trips required to authenticate data.

Facebook announced in January, external that it was to begin offering HTTPS security.

However the service has not yet been fully implemented, with many Facebook apps still operating over unsecured connections.

Related internet links

The BBC is not responsible for the content of external sites.