Just in time for holiday travels, Facebook is moving all users to HTTPS connections to help block attacks over Wi-Fi networks.

HTTPS is a secure version of the Hypertext Transfer Protocol, the essential method your browser uses to connect with websites. At the expense of a little speed, it adds a layer of encryption to data transfer, making the information harder to see by attackers on the same wireless network.

Without HTTPS, gathering information over a local network is surprisingly simple. Packet sniffers such as Firesheep and FaceNiffare designed specifically for this purpose, and require very little technical know-how. Indeed, these tools caused a bit of a stir when they first emerged, because they made it so easy to discover other people’s login details or other sensitive information over standard HTTP connections.

As a result, more Web services have adopted HTTPS, beyond just financial institutions and e-commerce sites. In 2010, Gmail made HTTPS the default for all users. Twitter did the same this year.

Facebook added HTTPS as an option last year, but at the time, many third-party apps didn’t support the protocol. All apps have since been required to support HTTPS, and now Facebook is rolling out the added security measure to all users.

PCWorld