Twitter recently has turned on Hypertext Transfer Protocol Secure (HTTPS) by default to users who are logged in to Twitter.com. Once users are authenticated, they will be able to see the familiar HTTPS and an image of a secured lock (on Chrome) next to it in the browser’s address bar.
HTTPS provides encrypted communication and secure identification of network web servers. Encryption has been used for many years by payment processors, banks, and many other websites. It uses the TLS/SSL protocols to authenticate web servers. HTTPS uses port 443 by default, as opposed to port 80 for the standard HTTP.
The standard HTTP protocol is not secure and is subject to eavesdropping attacks, thereby letting attackers gain access to website accounts and sensitive information. To secure a website, administrators issue a public key certificate assigned by a trusted certificate authority.
By turning on HTTPS by default, Twitter is forcing users to use secure communication when logged in to Twitter.com. This is a positive move towards securing Twitter.com. In addition, Twitter still encourages users to use strong passwords with at least 10 characters, using a combination of letters and numbers.