Twitter boosts security with HTTPS
HTTPS will ensure account hijacking tools like Firesheep won't work on Twitter.

Twitter has made an HTTPS option available in a bid to protect user accounts from hijacking.
Users can now turn on the "always use HTTPS" feature from the settings section of the site, meaning all their messages sent across Twitter will be encrypted.
Those accessing the site from a mobile browser will have to enter https://mobile.twitter.com to switch the feature on, as the settings are not shared across versions of the microblogging service.
"This will improve the security of your account and better protect your information if you're using Twitter over an unsecured internet connection, like a public Wi-Fi network, where someone may be able to eavesdrop on your site activity," Twitter said in a blog post.
Twitter said it wants to make HTTPS the default setting in the future and it has already done this for a number of clients and activities.
HTTPS, or Hypertext Transfer Protocol Secure, will cancel out the effect of the notorious Firesheep tool, which allowed hackers to hijack users' sessions if they were running on a public Wi-Fi connection.
Firesheep could allow a hacker to scan for vulnerable active Twitter sessions and then gain control of the account holder's unique session cookie.
Get the ITPro. daily newsletter
Sign up today and you will receive a free copy of our Focus Report 2025 - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
Once they have hold of this cookie, hackers could imitate the original user.
One way to counter such a tool is to provide application level encryption, as Twitter has now done with HTTPS.
It remains unclear if third-party Twitter clients, such as TweetDeck, will start offering support for the option.
One of the downsides of HTTPS is that it slows connections down due to the extra actions required to supply encryption.
Read on for our analysis on the business case for Twitter.
Tom Brewster is currently an associate editor at Forbes and an award-winning journalist who covers cyber security, surveillance, and privacy. Starting his career at ITPro as a staff writer and working up to a senior staff writer role, Tom has been covering the tech industry for more than ten years and is considered one of the leading journalists in his specialism.
He is a proud alum of the University of Sheffield where he secured an undergraduate degree in English Literature before undertaking a certification from General Assembly in web development.

‘If you want to look like a flesh-bound chatbot, then by all means use an AI teleprompter’: Amazon banned candidates from using AI tools during interviews – here’s why you should never use them to secure a job

Businesses must get better at sharing cyber information, urges former GCHQ chief

AI PCs are becoming a no-brainer for IT decision makers