UPDATED 12:55 EDT / MARCH 16 2011

Twitter Adds HTTPS Mode, but No HTTPS Sign-in

Twitter is responding to mounting pressure after some high profile account compromises by allowing customers to opt-in to always-on secure HTTPS SSL mode. Unfortunately, I doubt most people will go to the trouble of opting in by going to the security settings. Since HTTPS is virtually cost-free to operate continuously for websites that already support HTTPS, Twitter should just default to an always on HTTPS setting without the need for opt-in security. Facebook recently adopted a similar opt-in security strategy and the criticism applies to them as well.

The other big problem that Twitter hasn’t solved is that they still don’t use HTTPS for their sign-in page. I criticized Facebook for the same problem because users have no way of knowing if they’re on the real Twitter or Facebook sign-in page even if they look for it. It works if users manually type in HTTPS but hardly anyone does that. The way Facebook and Twitter are set up now, the typical user will ignore the new security features and still get their account hijacked just as easily as before.

[Cross-posted at Digital Society]

Since you’re here …

… We’d like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.

If you like the reporting, video interviews and other ad-free content here, please take a moment to check out a sample of the video content supported by our sponsors, tweet your support, and keep coming back to SiliconANGLE.

Cookies

We employ the use of cookies. Find out more.