Facebook finally provided a way to keep any random hacker within a yard of your computer from hijacking your account, but you have to enable this protection on your own—if it’s available.
Facebook has added an option to use the encrypted HTTPS protocol, a feature it began rolling out on Monday but say they won't finish for a few weeks. You should check now to see if it's available, and sign up as soon as it is enabled for your account.
What dies HTTPS do? It's an important tool that can keep your Facebook account safe from being hijacked on an open or poorly secured wireless network. Gmail, for example, uses HTTPS for everything.
By default, Facebook sends your access credentials in the clear, with no encryption at all. Switching to HTTPS is important because a browser extension called Firesheep makes it easy for anyone sharing your open wireless network to freely access your account.
One blogger sitting in a random New York Starbucks was able to steal 20-40 Facebook identities in half an hour. HTTPS solves this longstanding problem by encrypting your login cookies and other data.
You can sign up for Facebook HTTPS by going to Account Settings and then selecting "Account Security," third from the bottom. Then click under "Secure Browsing" — if it's there. Facebook said that most people should have it by not but if it’s missing, check back every day for the next few weeks until you see it. [Gawker]