How many of you regularly use Twitter? I guess most of you. Have you ever worried about the security it provides? You should read on if your answer is NO.
One of my colleagues gave a quick demo a few days back to show how insecure Twitter is by default. His demo proved that anyone sitting on the same network as you can easily hijack your Twitter account and tweet on your behalf. He was able to do it because Twitter runs on HTTP by default. Since it is HTTP, all data travels over the wire in plain text. So anyone on your network with a couple of tools who can spoof your MAC address can easily capture what you are sending over the wire, get the Twitter cookie (the key for maintaining your Twitter session), and tweet using your Twitter account. The method my colleague demonstrated is a simple hack that anyone with computer knowledge can execute.
How do I make it secure: Twitter provides an option to make your Twitter account use HTTPS (secure HTTP) as the default protocol. Using it will at least protect your Twitter account from this kind of silly hack.
You can follow the procedure below to enable HTTPS:
- Log on to your Twitter account.
- Go to your profile tab and click on edit profile.
- Go to the Account section in your profile and check the box Always use HTTPS.
- Click on Save and enter your password when prompted.
- Now your Twitter account is secured.
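
The same risk seen from the site operator's side, as an added example that is not part of the original post: a session cookie set without the Secure attribute is also sent by the browser on plain http:// requests, which is what makes it capturable on a shared network. The script audits response headers for such cookies and for a missing or disabled HSTS header; the header samples are constructed and the cookie names are hypothetical.

```python
# Added example; header samples are constructed, cookie names are hypothetical.

def parse_set_cookie(value):
    """Return (cookie name, set of lowercase attribute names) for one Set-Cookie value."""
    parts = [p.strip() for p in value.split(";")]
    name = parts[0].split("=", 1)[0]
    attrs = {p.split("=", 1)[0].strip().lower() for p in parts[1:] if p}
    return name, attrs

def hsts_enabled(value):
    """HSTS only takes effect with a positive max-age; max-age=0 clears the policy."""
    for directive in value.split(";"):
        key, _, val = directive.strip().partition("=")
        if key.strip().lower() == "max-age":
            val = val.strip().strip('"')
            return val.isdigit() and int(val) > 0
    return False

def audit_headers(raw_headers):
    """List cookies a browser would also send over http://, plus a missing-HSTS finding."""
    findings, hsts = [], False
    for line in raw_headers.splitlines():
        field, sep, value = line.partition(":")
        if not sep:
            continue  # status line or blank line
        field = field.strip().lower()
        if field == "strict-transport-security":
            hsts = hsts or hsts_enabled(value)
        elif field == "set-cookie":
            name, attrs = parse_set_cookie(value)
            if "secure" not in attrs:
                findings.append(f"{name}: no Secure attribute, also sent over plain HTTP")
    if not hsts:
        findings.append("no effective Strict-Transport-Security header")
    return findings

SAMPLE_WEAK = """HTTP/1.1 200 OK
Content-Type: text/html
Set-Cookie: session_id=abc123; Path=/; HttpOnly
Set-Cookie: lang=en; Path=/; Secure
"""

SAMPLE_HARDENED = """HTTP/1.1 200 OK
Strict-Transport-Security: max-age=31536000; includeSubDomains
Set-Cookie: session_id=abc123; Path=/; Secure; HttpOnly
"""

if __name__ == "__main__":
    for label, sample in (("weak", SAMPLE_WEAK), ("hardened", SAMPLE_HARDENED)):
        print(label, audit_headers(sample))
```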