Twitter urges users to employ SSL encryption, while making it default for a few

“We suggest using HTTPS for improved security”, noted a recent tweet from Twitter’s global PR handle. “”We’re starting to turn this on by default for some users”, the company advised.

Earlier this year, Twitter announced that it ould provide SSL encryption for a user’s entire session, not just at log in. However, the new feature requires Twitter account holders to opt-in to always using HTTPs via their Account Preferences page.

Back in March, Twitter said it hoped to make SSL encrypted sessions the default setting in the future, a move the company appears to be experimenting with according to this latest announcement.

Also included in the tweet was a link to a Twitter Help Center article, where the company advised users that proactively opting for the “Always use HTTPS” preference would increase security for account holders by bolstering protection from eavesdropping of sessions done over unsecured wireless networks.

Twitter also said that is currently experimenting with SSL encrypted sessions by default for what it called “a small percentage of users”.

As it did when previously announcing the opt-in SSL feature, Twitter advised users that sessions viewed over a mobile web browser would be encrypted only if they logged in via https://mobile.twitter.com, but the company said it was working on harmonizing the opt-in HTTPS checkbox between mobile and traditional web browser sessions.

What’s Hot on Infosecurity Magazine?