Here’s some very good news to start the week for Facebook users.  As Graham Cluley reports, Facebook has now turned on HTTPS as its new secure browsing default setting (; “Facebook (finally) turns on HTTPS secure browsing by default”).

Why is this good news for Facebook users?  There are 2 key reasons:

  • One: Facebook users won’t have to keep going in and making this choice themselves;
  • Two: Their browsers will be told automatically to communicate with Facebook using the secure HTTPS connection.

How can Facebook users check on whether HTTPS is enabled for their Facebook sessions?  As Mr. Cluley advises, they can go to their Facebook “Privacy Options” setting, look under the “Security” link and confirm that HTTPS is set.  He also includes a direct link to the Facebook page making it easy for Facebook users to go directly from his article to the correct Facebook page to confirm if this change has been made.

I also read the Facebook blog posted about this change.  It was written by Scott Renfro, a Facebook software engineer (; “Secure browsing by default”).  In his post, Mr. Renfro describes all the steps Facebook took to make the HTTPS setting the default.  He also lists some of the future changes Facebook plans to make by the Fall of 2013 that build on the HTTPS implementation.

I encourage Facebook users to read the posts by Mr. Cluley and Mr. Renfro to get even more details about Facebook’s important security and privacy improvement.