Secure Your Facebook Connection with HTTPS

Protect your Facebook data

If you’re a Facebook user, and if you access your account through an unsecured Wi-Fi network, your Facebook profile could be vulnerable to session hijacking by a nearby hacker with packet-sniffing tools (like Firesheep). Unsecured wireless connections are convenient (at places like Starbucks, bookstores, or that free wireless network on your college campus) …but they come with serious security risks.

At home, you can (and should) prevent this type of attack on your personal wireless network by using WiFi encryption on your router. We recommend WPA2, which is much more secure than the weak, outdated WEP protocol.

But, when you’re using free public Wi-Fi, you’re probably not using WiFi encryption, so you’re vulnerable. On these networks, you should avoid sending and receiving any personal data (including passwords and email), unless you’re using HTTPS – which stands for Hypertext Transfer Protocol Secure. HTTPS provides an encrypted communication between your browser and the network web server.

HTTPS is the protocol that your browser uses automatically when you are doing online banking, or shopping at major Internet retailers like Amazon. It’s also available for Gmail users. And now it’s available on Facebook as well.

Secure Browsing on Faceboook

Randy Abrams, security expert and blogger at ESET has reported on a number of Facebook security issues in the past. Recently he posted a short tutorial to show how to increase your Facebook privacy settings. You should follow his instructions, so you can use HTTPS automatically when you log into Facebook – then you can update your profile securely when you’re on a public WiFi network.

But be aware that Farmville, Mafia Wars, and other Facebook apps may compromise your secure connection, not to mention your privacy.

Visit the “Threat Center” at  ESET for more information on keeping your data private and your computer secure.  ESET is famous for its highly-rated antivirus products: According to PC World it’s “…the best proactive protection by far.”

Comments

  1. says

    Hello,

    The connection with https does not allow application iframe non configured https to appear on the fan pages.
    iframe.apps allows to create an iframe without being facebook developer and avoid to purchase and configure the SSL certificate.

    The application iframe.apps (http://www.facebook.com/iframe.apps) proposes to:
    – add in an iframe tab an existing web page by simply inserting the URL
    – or create a new iframe tab with the HTML editor integrated
    (same as what was managed Static FBML)

    Your comments and remarks are welcome. They can help us evolve.
    Bruno B.