Facebook Addresses Annoying HTTPS Problem, Introduces Two Factor Authentication

Article by George Norman (Cybersecurity Editor)

on 20 Apr 2011

If you go to the Account Settings page, then to Account Security, and enable the “Browse Facebook on a secure connection (HTTPS) whenever possible” option, you will browse on a secure, encrypted connection when using the popular social networking site. Encrypted connections make it virtually impossible for others to snoop on your traffic.

The problem stemmed from the “whenever possible” part. HTTPS is not supported everywhere; when you click on a link to an app, for example, you are asked if you would like to switch back to HTTP. Until now, the nuisance was that confirming that you want to continue over a regular HTTP connection also disabled the “Browse Facebook on a secure connection (HTTPS) whenever possible” option.

Facebook has announced that it made a nice change – after using a non-HTTPS application on Facebook, you are automatically switched back to HTTPS when you are finished.

The HTTPS bit isn’t the only change the social networking site made in order to provide a safer experience to its users. Facebook announced that it also:

- Redesigned the Family Safety Center which offers articles and videos on safety and privacy.
- Released a new social reporting tool that can be used to notify a member of your community when you see something you don’t like.
- Introduced Two Factor Authentication, a new feature meant to prevent unauthorized access to a Facebook account. Turn on this new feature and you will be asked to enter a code every time you log into your Facebook account from a new device.

In related news, Sophos recently sent Facebook an open letter in which it said that the social networking site should make the following changes:

- Not share user information without the user’s express agreement. Facebook should not automatically turn on features that share additional information and then ask the user to opt out if he or she doesn’t want to share additional information with others. Facebook should ask users to opt in instead.
- Make it more difficult to become a developer on the Facebook platform. Only vetted and approved third-party developers should be allowed to publish apps on the Facebook platform.
- Use HTTPS all the time and turn it on for all users.

With regard to the last suggestion at least, it seems that things are going in the right direction. Facebook did not turn HTTPS on for everyone, but at least it returns users to an HTTPS connection after using a non-HTTPS application.

