It is common these days to be using web services on a wireless network or from a phone. When you are in a public place, there is the possible danger of someone eavesdropping on what you are doing. (See Gizmo's discussion of the perils.) If you use the ordinary unencrypted HTTP protocol, almost anyone could be an uninvited observer of your web activities. There is even a simple extension for Firefox called Firesheep that uses a packet sniffer to intercept unencrypted cookies.
When using sites with personal information, the more secure encrypted protocol HTTPS should be used. HTTPS connections can be a little slower on some connections but the security is worth it. Many major services have implemented settings to use this protocol and this tip gives the procedure for three of the big ones—Gmail, Facebook, and Twitter.
Use HTTPS for Gmail
One way to employ HTTPS is simply to always use the address https://mail.google.com. Another method is to change a setting in your Gmail account. Here is the procedure:
- Go to your Gmail page
- In the top right side of the Gmail page, click on "Settings"
- In the Settings box that opens, click on “General” if it is not already selected
- Find “Browser connection” in the list of options
- Select the button “Always use https”
- Scroll down and click “Save changes”
HTTPS for Facebook
- Log in to your Facebook account
- Go to “Account” at the top right corner of the page.
- In the dropdown menu for “Account” click “Account Settings”
- Look for the “Account Security” section
- Click “Change”
- Put a check by “Secure Browsing (https)”
- Click "Save"
There is a catch, however. Some Facebook pages require regular HTTP to connect. If you try to open one of them, you’ll be asked if you want to switch to HTTP. If you do switch, you’ll have to go back to the account settings to reinstitute HTTPS after you are finished with using HTTP.
HTTPS for Twitter
- Log into your Twitter account
- Open the dropdown menu under your account name
- Click “Settings”
- In the "Account Settings" that opens scroll down and check the box next to “Always use HTTPS”
- Click “Save”
- Reenter your password
- Click “Save changes”
Use browser extensions to enable HTTPS
There are also some browser extensions that can be used to enable HTTPS. For example, the well known NoScript for Firefox is one. Chiron also mentions HTTPS Everywhere for Firefox and Use HTTPS for Chrome.
Using HTTPS is only one layer of the multi-layer defense that these times demand but each layer adds that much more protection.
Get your own favorite tip published! Know a neat tech tip or trick? Then why not have it published here and receive full credit? Click here to tell us your tip.