Last year Twitter implemented a security feature that allowed its users to browse the site via a secured HTTP connection (HTTPS). This feature was not enabled by default and users had to go to their Settings and enable the feature. However, Twitter now wants to secure user profiles and has made the feature enabled by default.
Using HTTPS will not only help protect the privacy of millions of users, but also offers greater protection when accessing the network over unsecured Wi-Fi connections. Websites with a HTTPS connection is much preferred, since it is one of the most secure ways of sending and receiving content on the web. Many Google services including Gmail make use of the HTTPS protocol by adding up an extra layer of security.
Using a site over an unsecured Wi-Fi connection and without having HTTPS enabled, could let hackers gain access to your account with the help of a session cookie. In this case, if you’re using Twitter via an unprotected connection, then the hacker can possible post tweets and read all your Direct Messages without your knowledge.
With HTTPS enabled, it now makes Twitter secured and encrypts your login sessions. That way, no hacker can sneak into your account or gain access to it.
Twitter posted an official statement on its blog explaining the new feature -
Last year, we added the option to always use HTTPS when accessing Twitter.com on the web. This setting makes your Twitter experience more secure by protecting your information, and it’s especially helpful if you use Twitter over an unsecured Internet connection like a public WiFi network.
Now, HTTPS will be on by default for all users, whenever you sign in to Twitter.com. If you prefer not use it, you can turn it off on your Account Settings page. HTTPS is one of the best ways to keep your account safe and it will only get better as we continue to improve HTTPS support on our web and mobile clients.
As the feature now comes enabled by default, users, however, can opt-out if they prefer not to use it. Simply go to your Twitter Settings page and uncheck the “Always use HTTPS” option -
It is recommended that you keep this feature enabled in order to keep your account and data safe. If you’re always using Twitter out and about, it is highly recommended that you use the HTTPS setting and leave it that way forever.
Facebook too has an option for its users to enable HTTPS, but this is yet to become a default feature.