Helping people with computers... one answer at a time.
Facebook is enabling the "https" option, and you should turn it on, particularly if you visit open WiFi hotspots. I'll show you how.
I've heard that Facebook has https now? Where? How do I turn it on?
This is important. You should do this right away.
Recent news has highlighted an application called "FireSheep" that make it super easy to capture the usernames and logins from people who might be logging into services like Facebook while at a coffee shop or other location with an open WiFi connection.
Https is one answer, and Facebook seems to have taken action.
Log in to Facebook, click on the Account drop-down in the upper right, and click on the Account Settings option:
On the resulting page click on the change link next to Account Security:
That will expose the "Secure Browsing (https)" option:
(As I write this, the https option is in the process of being rolled out, so not everyone may have it yet. Keep checking.)
Make sure this is checked.
Now. Just go do it.
Contrary to some statements I've seen, https will not noticeably impact the speed of either your computer or Facebook.
The problem is our old friend: open WiFi hotspots.
The program I mentioned, "FireSheep", is an addon to the Firefox browser that simply captures and displays the usernames and passwords of people who are on an open WiFi hotspot and are logging in to services like Facebook.
And it does so very, very simply.
Because most folks don't take appropriate precautions when using an open WiFi hotspot they're frequently logging into those services and exposing their login credentials to anyone who might be in range.
This isn't really a new problem, FireSheep is just an example program that shows how easy it is to do. The author released it with the hope that internet services like Facebook would be forced (or shamed?) into taking action.
Action like supporting https.
Used properly https encrypts the entire conversation with the internet service - including your username and password. Anyone eavesdropping at your open WiFi hotspot will see only gibberish.
That's why computer folks have been insisting you use https for banking for a long time.
As it turns out your login credentials for services like Facebook and others are often just as important to keep secure.
And now you can.
Go do it.
Comments on this entry are closed.
If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.
If you don't find your answer, head out to http://askleo.com/ask to ask your question.