Helping people with computers... one answer at a time.
Facebook is enabling the "https" option, and you should turn it on, particularly if you visit open WiFi hotspots. I'll show you how.
I've heard that Facebook has https now? Where? How do I turn it on?
•
This is important. You should do this right away.
Recent news has highlighted an application called "FireSheep" that make it super easy to capture the usernames and logins from people who might be logging into services like Facebook while at a coffee shop or other location with an open WiFi connection.
Https is one answer, and Facebook seems to have taken action.
•
Turning On Https in Facebook
Log in to Facebook, click on the Account drop-down in the upper right, and click on the Account Settings option:
On the resulting page click on the change link next to Account Security:
That will expose the "Secure Browsing (https)" option:
(As I write this, the https option is in the process of being rolled out, so not everyone may have it yet. Keep checking.)
Make sure this is checked.
Now. Just go do it.
Contrary to some statements I've seen, https will not noticeably impact the speed of either your computer or Facebook.
Why is this Important?
The problem is our old friend: open WiFi hotspots.
The program I mentioned, "FireSheep", is an addon to the Firefox browser that simply captures and displays the usernames and passwords of people who are on an open WiFi hotspot and are logging in to services like Facebook.
And it does so very, very simply.
Because most folks don't take appropriate precautions when using an open WiFi hotspot they're frequently logging into those services and exposing their login credentials to anyone who might be in range.
This isn't really a new problem, FireSheep is just an example program that shows how easy it is to do. The author released it with the hope that internet services like Facebook would be forced (or shamed?) into taking action.
Action like supporting https.
Used properly https encrypts the entire conversation with the internet service - including your username and password. Anyone eavesdropping at your open WiFi hotspot will see only gibberish.
That's why computer folks have been insisting you use https for banking for a long time.
As it turns out your login credentials for services like Facebook and others are often just as important to keep secure.
And now you can.
Go do it.
Now.
Article C4724 - January 27, 2011 « »
Leo A. Notenboom has been playing with computers since he
was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed.
After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers
to common computer and technical questions. More about Leo.
August 11, 2011 6:28 AM
These instructions are not correct you might want to update them Account in the upper right / select Account Settings / select Security on the top left column / "Secure Browsing Edit Secure browsing is currently enabled. if says this your fine if not click on Edit to correct.
September 12, 2011 12:05 PM
Hi All,
For mobile https facebook access, check this :
http://www.goodreflex.com/why-facebook-cannot-be-logged-in-securely-through-https-on-mobile-devices/
September 26, 2011 10:22 AM
What about Business Fan Pages, I keep reading that pages need to be protected by a SSL certificate by 1st October but don't know how to get one? Thank you for any help you can give!
30-Sep-2011
December 29, 2011 6:16 AM
thank you for this artical
100%
April 3, 2012 1:36 PM
thank you, I've had issues on my home comp. that only allowed me to browse it in https format. Now I don't need to type it every second