Twitter encouraged use of the secure HTTPS protocol in a post on the Twitter Blog by Carolyn Penner, which announced the ability for users to change their settings to “Always use HTTPS.” Highlights:
For some time, users have been able to use Twitter via HTTPS by going to https://twitter.com. We’ve made it simpler for users to do this by adding the option to always use HTTPS.
To turn on HTTPS, go to your settings and check the box next to “Always use HTTPS,” which is at the bottom of the page. This will improve the security of your account and better protect your information if you’re using Twitter over an unsecured Internet connection, like a public WiFi network, where someone may be able to eavesdrop on your site activity. In the future, we hope to make HTTPS the default setting.
We’ve already made this setting the default for a number of clients and activities. In these cases, HTTPS is used whether or not you’ve enabled the “Always use HTTPS” setting:
When you log into Twitter, so your password stays protected.
On the official Twitter for iPhone and iPad mobile application.
There are also a few instances where turning on HTTPS in your settings does not force HTTPS. For example, when accessing Twitter from your mobile browser, you need to go to https://mobile.twitter.com to use HTTPS for now. We are working on a solution that will share the “Always use HTTPS” setting across twitter.com and mobile.twitter.com, so you don’t have to think about which device you’re using when you want to check Twitter. If you use a third-party application, you should check to see if that app offers HTTPS.