Dave Taylor

How To Secure Your Facebook Connection With HTTPS

By: Dave Taylor
February 3rd, 2011

I often use public wifi networks to access my Facebook account and am a bit paranoid about my privacy and security. Is there some way to force Facebook to use SSL (https) to securely connect me each time, encrypting information both sent and received?

Dave's Answer:

After the appearance of alarming hacker utilities like Firesheep (which monitors wifi networks to find people logging in to Facebook, then saves a copy of their account and password) it didn't take long for Facebook to join the many different sites that support full-time secure socket layer (SSL) connections between browsers and their server. Another service that supports this full-time SSL connect, btw, is Google's Gmail, so if you're a Gmail user, check it out in the preferences too!

Problem is, as with much of what Facebook does, the secure connection option is something that's being slowly introduced to users. Facebook calls it "a gradual rollout". I call it "darn it, how come other people can do this and I can't?"

Fortunately I now can, so I can show you exactly how I enabled secure browsing with "https" on my Facebook account and you can check to see if you also have this capability. Hopefully you do!

First step is to go to "Account Settings":

facebook https secure browsing 1

Once you're at your account settings, scroll down until you find "Account Security". If you have the option of using the secure https connection, it'll look like this:

facebook https secure browsing 2

If you just see the option related to getting emails and text messages when different systems log in to your account, well, then I guess you need to wait a day or two and try again. Eventually you'll get the new secure connection option, I'm sure.

Hopefully you do have it, however, in which case this is what you'll see:

facebook https secure browsing 3

Looks good! Just click on the box adjacent to "Browse Facebook on a secure connection (https) whenever possible", then click on the "Save" button.

That's it.

Now when you're on Facebook, you should see a nice secure "https" displayed, not the usual -- and insecure -- "http":

facebook https secure browsing 4

Hope that helps you out. If you're really concerned with security, I also encourage you to check out my article on how to use one-time passwords on Facebook so that you don't have to worry about your password being stolen through a keystroke logger or similar.


About the Author: Dave Taylor has been involved with the Internet since 1980 and is internationally known as an expert on both business and technology issues. Holder of an MSEd and MBA, author of twenty books and founder of four startups, he also runs a strategic marketing company and consults with firms seeking the best approach to working with weblogs and social networks. Dave is an award-winning speaker and frequent guest on radio and podcast programs. AskDaveTaylor.com http://www.intuitive.com/blog/