Some users are seeing a prompt at the top of their Facebook home page that reads “Help Protect Your Account with Secure Browsing (https)”. Users can click a button in the prompt to switch to HTTPS and foil attempts by hackers to steal their data.
Following the recent exposure of several security threats, Facebook appears to be ramping up its preventative security measures. Developers should list an HTTPS address to make sure they don’t miss out on traffic from those who follow the prompt.
Facebook introduced HTTPS in January to allow users to browse the site over a secured connection. Though it causes pages to load a little slower, it can keep user data safe when they’re connecting over public networks, such as in coffee shops. Facebook says that as of May 10th, 9.6 million users had enabled secure browsing in their Account settings, showing demand for the option despite little promotion for it.
Alongside HTTPS, Facebook launched the ability for third-party application developers to list secure canvas and tab URLs. If they don’t provide them, users with HTTPS enabled are shown a roadblock that forces them to either switch to HTTP browsing or retreat to official Facebook content when approaching a canvas app, and users won’t see bookmarks of tab apps. Then in response to some data leaks by third-party apps, Facebook announced last month that by October 1st all apps must provide an SSL certificate to allow HTTP browsing.
Still, Facebook is combatting an image of flawed security, in part due to exaggerated risk assessments of leaks by the press. This new home page prompt should increase awareness of enhanced security options amongst those that might have heard of threats but not the protections against them that Facebook has released.
Displayed front and center above the news feed, the prompt explains that “To always view Facebook over a secure connection and help prevent hackers from accessing your info over public networks, turn on Secure Browsing now.” Users can click “Enable Secure Browsing” to reload the home page and continue browsing through HTTPS. They can also click to “Learn more” in the Help Center, and can always enable the option via Account Settings -> Settings -> Account Security. Oddly, the prompt is also being seen by users who have already enabled HTTPS.
The prompt will likely increase the percentage of users that do enable secure browsing, making it more important for apps to add secure canvas and tab URLs before the deadline. An increase in secure browsing should also discourage hackers, reduce the impact of security breaches, and improve Facebook’s public standing.
No comments:
Post a Comment