Facebook adds secure browsing option

In February Facebook began to roll out an option in user's Account Settings to browse Facebook over a secure connection using SSL/TSL encryption. This is a presumably an attempt by Facebook to address the concern of users around session hijacking vulnerabilities of websites, particularly social networking sites, that were highlighted late last year with the release of the Firesheep extension by software developer Eric Butler. Firesheep is an add-on to the Firefox web browser that is essentially a new sidebar with a "Capture" button. When clicked, this button will display a user name and photo when individuals on a network visit an insecure website.

SSL/TSL can help provide protection against

vulnerabilities that Firesheep exploits.

Personally I don't think this should be an option that users have to enable, it should just be the default connection used by Facebook, but to enable secure connection simply select Account and select Account Settings in the upper right area of the browser.

If you haven't managed your privacy settings it's worth a look--here you can change what you're sharing with who.

Scroll down to Account Security and select change to expand these settings.

You can also view information about locations and devices used to access your Facebook.
Select end activity to disable a suspicious device/location.

Check the box that says Browse Facebook on a secure connection (https) whenever possible. Make sure to also click the Save button. As you browse Facebook from now on you should notice the secure connection lock in your browsers address bar as well as the Facebook web address now being https://www.facebook.com as opposed to http://www.facebook.com