Don’t forget about https

That means you, average Facebook user!

On a more serious note, still very few are aware of the fact that a common http-connection (that is whenever your address above says “http://”) does provide a clear text stream of all the data that you entered in some kind of field. This is probably just a mere “So what? I was going to post something public anyway” thought to you, but considering the fact that those streams may also include private messages on your spouse’s facebook wall or even your password while you’re accessing the next social network than you should take the minute to have a closer look at your current connection. Here’s how you do it:

Don’t worry, on properly designed sites your password is usually transmitted via an encrypted service. Yet this may not be necessarily be the case at all times. I remember attending a class about internet algorithms and protocols where we were taught how to use Wireshark for monitoring network traffic. Worryingly enough we discovered that GMX back then send the login-passwords as clear text.

If you’re a user with a GMail, Facebook and/or Twitter account please make sure to set up your account(s) as described. The future you will thank you for it when it’s about to connect to these site via a public Wi-Fi access.

While in GMail open the settings menu via the little cogwheel at the top right corner. Select the e-mail settings and there right on the first page you will find something like this:

https settings in GMail

Make sure to have the “Always use https” option enabled, scroll down and save your changes. All done.

Quite similar here, while on Facebook look at the upper right corner , pop down the account menu and visit your account settings. Scroll a bit down and find the Account Security entry. Klick “change” and it should look like this:

https settings in Facebook

Check the box under “Secure Browsing (https)”, save, and again, all done.

Surprisingly this isn’t any different from the other ones. Log in to Twitter, look in that corner you already know (top right), pop down the menu and visit your settings. Again the option in question is on the very first page, just scroll down until you find this:

https settings in Twitter

Check the appropriate box “Always use https”, save, and it’s done.

Remember this procedure whenever you log in to any new web service and look out for a similar option. Rather to be safe than sorry.


One thought on “Don’t forget about https

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s