Facebook introduces HTTPS for all

HTTPS will let Facebook users log on safely from anywhere.

With such a wide and diverse user base, Facebook is no stranger to making controversial and sometimes unpopular strategic decisions. But last week, company officials made a call that almost anyone can agree with. In an effort to bolster website security and further protect user privacy, Facebook will now rely on HTTPS by default.

HTTPS is actually a relatively simple layered security tactic, combining an encryption protocol with standard HTTP communications to ensure website traffic remains hidden from unauthorized viewers. It’s presence can be readily recognized by web users in the form of a green lock icon that appears at the start of their browser’s URL field.

Facebook originally relied on HTTPS exclusively for pages that required a password, according to InformationWeek, but decided to offer it as an optional feature beginning in January 2011. Now, instead of digging through the advanced account settings page, Facebook users are afforded this extra layer of protection by default across the entire site. However, if for some reason they would prefer to do without it, the social network has retained an opt-out clause.

“HTTPS allows its many millions of users the ability to automatically encrypt their communications with the social network – preventing hackers and attackers from sniffing your sensitive data while using encrypted Wi-Fi hotspots,” security researcher Graham Cluley told the news source. “If you can’t wait for Facebook to turn on HTTPS/SSL in your neck of the woods, you should set it up for yourself.”

Placing security first
Although embracing this layered security strategy seems like the right thing to do, for brand reputation if not professional courtesy, Facebook did have to weigh some potential disadvantages.

First and foremost, according to TechCrunch, HTTPS could create noticeably slower browsing experiences. For a social network built on the premise of real-time interaction, that is no small factor. Nevertheless, Facebook officials insist that improved security will be worth the wait.

“It is far from a simple task to build out this capability for the more than a billion people that use the site and retain the stability and speed we expect, but we are making progress daily toward this end,” Facebook security policy manager Frederic Wolens told the news site. “This may slow down connections only slightly, but we have deployed significant performance enhancements to our load balancing infrastructure to mitigate most of the impact of moving to HTTPS.”

Is Facebook’s switch to HTTPS right on time, or did it come too late? How might these updates affect your browsing behavior, if at all? Let us know what you think in the comments section below!

Kate Beckham

Kate has been lighting up the blogosphere for over 5 years, with a keen interest in social media and new malware threats. When not sitting at a café behind her Mac, you’ll usually find her scouring the racks for vintage finds or playing guitar.