It seems the information security industry has finally convinced Twitter to enable HTTPS and provide an option to have it enabled always. Tools like FireSheep and multiple research has been pushing companies to force HTTPS all the time. Make sure to enable this especially fi you frequent public networks. Twitter has posted this blog post with instructions:
Today, we’re taking an important step to make it easier to manage the security of your Twitter experience – we are adding a user setting that lets you always use HTTPS when accessing Twitter.com. Using HTTPS for your favorite Internet services is particularly important when using them over unsecured WiFi connections.
For some time, users have been able to use Twitter via HTTPS by going tohttps://twitter.com. We’ve made it simpler for users to do this by adding the option to always use HTTPS.
To turn on HTTPS, go to your settings and check the box next to “Always use HTTPS,” which is at the bottom of the page. This will improve the security of your account and better protect your information if you’re using Twitter over an unsecured Internet connection, like a public WiFi network, where someone may be able to eavesdrop on your site activity. In the future, we hope to make HTTPS the default setting.
For sites that do not allow this option you can use the Firefox extension ForceTLS.