Facebook’s new SSL based capabilities are a welcome improvement. As this popular site attracts malicious attackers best practices also complement this new protective approach (e.g., avoid potentially malicious links or applications, locking down privacy, careful approval of friend requests, limited Windows account, using latest version of browser, up-to-date AV protection, etc.)

Facebook Now Officially Supports HTTPS for Users

QUOTE: In line with Data Privacy Day this Friday, Facebook announced its rollout of Secure Sockets Layer (SSL) capability for all of its services. Facebook has taken some heat for its lack of SSL support, especially with the release of FireSheep, which we covered here. Facebook does warn that encrypted pages will take slightly longer to load, which is a small price to pay for the added security.  According to the official Facebook post, there should soon be a check box titled Secure Browsing (https) under the Account Security section of Account Settings. This setting specifies that all future connections be redirected to HTTPS. It should be noted that this rollout has just begun and that this option is not yet available to everyone. It may take some time before this option is made available to everyone.