After the Big Boss aka Mark Zuckerberg's fan page got hacked last week, finally Facebook team is working to enhance it's website security seriously this time, to fix many critical issues on that largest social media site in the world.
Facebook only using HTTP (Hyper Text Transfer Protocol), which almost all personal users data such as username, email and password can be easily intercepted and obtained by other parties.
Tools like Firesheep and other sniffing software can retrieve any outgoing and incoming data from computer and smartphones (like Blackberry and Android). The data that can be retrieved by this tool can be anything, including your login ID and password. Firesheep has been around in 3 months as a Firefox free add-on.
Facebook Security Late Response
At first, Facebook seems didn't want to respond seriously about many security issues that can be done by this tool. The hacker who can retrieve the data, might use it to hijack Facebook user's account.
There are already numerous complaints and reports from many people about someone hacked and messed up their accounts.
Several hours after the Facebook big boss' fan page hacked, a new security feature has been developed to increase it's users security (and it's boss of course). To secure the incoming and outgoing data on Facebook, users now can choose to use HTTPS (Hyper Text Transfer Protocol Secure).
But as usual, this feature is buried in the labyrinth of the settings, yet it's not easy to find.
Facebook HTTPS Setting is on :
Account -> Account Settings -> Settings Tab -> Account Security
Or visit link below to :
Click change in the Account Security and there will be an option to browse through HTTPS. Check that option and click the save button. However, this feature is not yet available for all users when it was released, only for several users in the U.S. and few countries. For users in other countries, it might be not available yet.
If the HTTPS setting is not there in your account, then you will have to be patient until it available. You should check for it often. For Indonesian (my country) users, this HTTPS setting has been available. Go check it now.
Secure But Slower a Bit
Facebook said that by choosing this setting means that HTTPS will slow down page load times. Also many third-party applications have not been supported in HTTPS. Here is a message from Facebook team about their commitment to continuously enhance the users security:
"There are a few things you should keep in mind before deciding to enable HTTPS. Encrypted pages take longer to load, so you may notice that Facebook is slower using HTTPS. In addition, some Facebook features, including many third-party applications, are not currently supported in HTTPS."
Facebook team added, "We'll be working hard to resolve these remaining issues. We are rolling this out slowly over the next few weeks, but you will be able to turn this feature on in your Account Settings soon. We hope to offer HTTPS as a default whenever you are using Facebook sometime in the future."
Last year Facebook has launched several new security features such as ID data encryption to prevent leakage and the single-use password feature, which can be used when login on public computer in public places like internet cafes.