Twitter has changed the way that users access the company’s main site, now giving them the option to enable HTTPS by default, forcing a secure connection for most interaction with the service. However, the change does not apply to all of the popular apps users employ to access Twitter on smartphones and other devices.
The change to Twitter’s logon policy makes it possible for users to access the main Twitter Web interface over SSL without having to manually enter the HTTPS URL into their browsers. Twitter has given users the option previously to access the site over SSL, but they needed to do so themselves by entering the URL. Now, they can simply adjust one setting in their account settings page and their browsers will always use an HTTPS connection.
The move by Twitter follows a similar one by Facebook earlier this year, which gave users the option of enabling HTTPS by default. But, a large number of Twitter users don’t necessarily use the main Twitter Web interface to access the service, instead relying on desktop apps such as TweetDeck or Twhirl and mobile apps such as Echofon or the official Twitter app for the iPhone. Those apps are not affected by the change to Twitter’s SSL policy, although the official Twitter iPhone app does allow SSL connections by default.
The HTTPS by default change also doesn’t work for users who access Twitter.com on a mobile browser. That change may come down the road, but for now, mobile users who want to be able to rely on SSL to protect their Twitter connections should use either the official Twitter app or one of the others that allows that option, such as Echofon.