By default, Facebook uses HTTP protocol for communications. HTTP is unsecured protocol and is subject to man-in-the-middle and eavesdropping attacks. The information sent over HTTP is in plain text so attacker can capture the data in the middle of the request. Attackers can then gain access to website accounts and sensitive information about you.
HTTPS is designed to withstand such attacks and is considered secure against man-in-the-middle and eavesdropping attacks. You can able to see which websites uses HTTPS over HTTP by seeing in the address bar of the browser. If the website address starts with “https://” then the websites uses secure connection for communication with server. HTTPS connections are often used for payment transactions by all banks to secure your data sent over the network. HTTPS use port 443 as opposed to port 80 by HTTP while communicating over the network.
The Facebook sends information in plain text when you use HTTP. This means someone can capture and view your information in the middle. This can become security and privacy issue to you. If you want to use secure communication and don’t want someone to view your information sent over the network, use Facebook’s Secure Browsing which uses HTTPS protocol and control your browsing and login security.
To enable “Secure Browsing”,
1) Go to “Account Settings” from the account menu.
2) Look for “Account Security” under settings tab and click on “change” link besides it.
3) Select the box located under the “Secure Browsing (https)”. This will enable your Facebook secure connection whenever possible.
4) Click on the Save button to save the settings.
5) Now, all your Facebook communication will be sent over the secure connection over the network.