Facebook boosts security, adds HTTPS
Houston: In order to stay safe and protect users from getting hacked, the popular social networking site Facebook is rolling out a new set of security features.
Facebook, with over 500-million members, has added the ability for users to login and surf the site using a more secure encrypted connection, known as HTTPS.
The encryption is the same used on shopping and banking websites to secure connections, and was previously used on Facebook when passwords are checked.
"Starting today we'll provide you with the ability to experience Facebook entirely over HTTPS. You should consider enabling this option if you frequently use Facebook from public Internet access points found at coffee shops, airports, libraries or schools," the company said in a blog post.
Facebook noted that the site may function more slowly using HTTPS, and some features, including many third-party applications, don't currently support HTTPS.
In addition to the added encryption, Facebook said it will now also offer "social authentification," a unique form of the traditional "captcha" coding that will ask a user to identify Facebook friends from their photos.
The two new security features promise to prevent Wi-Fi hackers from fraudulently accessing accounts. Facebook already uses HTTPS when users log into an external site through Facebook Connect.
Your password, which gets sent back to Facebook from the third party site, remains encrypted. This will now be extended to user activity within the site itself.
IT experts can already overcome internet security issues by adding third-party security measures and forcing an encrypted connection. However, Facebook's decision to make full-session encryption a default setting for all users will remove the burden from those that are less aware of Wi-Fi hackers.
Facebook uses captchas to authenticate users when they log in from a country that is not associated with their account. However, this is now being replaced in favour of a new photo-matching system. Users will be faced with three photos of one of their Facebook friends, and will have to correctly identify them from a list of six friends' names.
"Hackers halfway across the world might know your password, but they don't know who your friends are," says Facebook engineer Alex Rice. Rice admits inevitable drawbacks to the new security measures.
Page loading speed will take a hit under HTTPS and many third-party apps are not HTTPS enabled. Social network users that that collect friends by the thousand may also have difficulty identifying photos of friends at random, and friends who have cartoons or 'lookalikes' tagged under their name could be unidentifiable.
HTTP settings will not change automatically, so users can opt in or out of the new feature.