How to Fix the Secure (Https) Connection Flaw in Facebook After Visiting an Unsecure (Http) Page

by mysticgeek on February 12, 2011

Facebook Security

Last week we covered how to setup secure browsing (HTTPS) in Facebook. There’s a flaw in this system though that you may not be aware of. Here we’ll show you the flaw and how to correct it.

1. So you set up secure Browsing (Https) in Facebook to help protect against bad guys running packet sniffing apps like Firesheep over a public Wi-Fi network. When you check the box Browse Facebook on a secure connection (https) whenever possible you think your always protected right? Not necessarily.

sshot-2011-02-12-[16-08-07]

2. Unfortunately there’s a flaw in the system. When you visit a page or app on Facebook that requires a regular (http) connection, it switches your entire account connection back to the unsecure (http). If you browse to an app or page that is unsecure, you’ll see the following message. At least Facebook gives you a warning…if you want to visit the page, click Continue.

sshot-2011-02-12-[16-09-40]

3. Like in this example where we want to connect to NetworkedBlogs.

sshot-2011-02-12-[16-14-09]

4. Here’s where the problem is. If you log out of your account, and sign back in, you’ll notice you’re no longer protected by a secure (https) connection! What? You though you checked a box saying use HTTPS Whenever possible. And the message advising you need to switch to a regular (http) connection doesn’t say you’ll lose your secure connection after visiting a non-secure site…very annoying.

sshot-2011-02-12-[16-26-26]

5. So what you’ll need to do is go back into your Account Settings.

sshot-2011-02-12-[16-34-21]

6. Under Account Security click on Change.

sshot-2011-02-12-[16-34-51]

7. Then check the box next to Browse Facebook on a secure connection (https) whenever possible again to re-enable the setting…make sure to click the Save button.

sshot-2011-02-12-[16-37-42]

8. Now you’re back to a secure (https) connection.

sshot-2011-02-12-[16-41-09]

So, keep in mind that if you visit a page that isn’t on secure (https) that you double check your settings and re-enable the secure connection settings again. Hopefully Facebook figures out a way to fix this annoying issue soon.

  • http://Google uniquefreakgirl

    THANK YOU SOOOOOOOOO MUCH!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
    OMG,I HAD THE SAME PROBLEM AND I COULDN’T LOG INTO MY FAV GAMES!
    OMG,OMG,OMG,OMG…THANK YOU SO DARN MUCH!

  • http://www.simplehelp.net mysticgeek

    @uniquefreakgirl: No problem. I guess it’s not really “a fix” but more of a work around…heh… really just an annoyance. It would be nice to see Facebook fix this problem soon though.

  • Pingback: Help Keep Your Browsing Secure in Firefox – Simple Help

  • gwen

    Facebook will not let me log on with https:

  • Erika

    i followed the steps but it kept on turning back to the page that says “Switch to Regular Connection”

  • Melanie

    I just gave up after the first time it switched me over. I visit outside pages quite regularly (games, networked blogs, etc.) and it’s just not worth it to me to have to constantly switch the security back on every time.

  • Laurie

    Thank you so very much, I really thought I was losing my mind and really just took a chance when searching for an answer but when I did this site was on the search page and well it did make my day, thank you for sharing this…

  • Jo Alberts

    I DON’T WANT THIS STUPID SECURE CONNECTION…”FIX OR NOT” I WANT MY OLD CONNECTION BACK B4 I CLICKED ON THE SECURE CONNECTION!! I WANT TO GO BACK TO THE REGULAR CONNECTION (http)!!!!! I am sick of my games n ect…not working…even though I click on the “notice” that appears each time I log onto facebook, that is “suppose” to allow you to use your facebook as usual, without the secure connection,(only until you close out of facebook, again, and have to go right back to the same old notice each time u sign in to facebook…AND THE GAMES N ECT…THAT I USE CONTINUOUSLY, ON A DAILY BASIS, STILL DON’T WORK RIGHT!! EVEN AFTER CLICKING ON THE REMOVE FOR THIS SESSION…( or however it is actually put)!!! I NEVER HAD ANY PROBLEMS AT ALL WITH FACEBOOK, UNTIL I CHOSE THE SAFE CONNECTION..OR WHATEVER!! I WANT TO REMOVE THIS “PERMANATELY”

  • Tsahim

    It really works! Thanks!

  • BenjoArch

    thank you very very much!!!!!!!! i’ve been looking for it for 4 days!!!!

  • Hope it helps.

    To work around these issues I’ve created my own solution. I’ve added a bookmark to my browser’s bookmark toolbar to go to Facebook under HTTPS. (To do this just add a bookmark for https://www.facebook.com.) Now every time I finish using a non secure area of Facebook I use the bookmark to easily turn the secure connection back on. A simple solution to an annoying problem.

  • Russell

    I want to switch back to non-secure and leave it but it won’t let me. Why and how can i go back to the old way?? please help me before I quit facebook all together.

  • Marcia Cecilia Preuss

    How can l go back to non-secure browsing????The secure browsing(https) is messing up my games, l cannot play anymore….please help

  • bpeden

    I would like to switch back to the non-secure http and cannot. When I try to visit another page I get the pop up that says click to continue in unsecured…..I click continue and it just keep popping up and will not let me progress. Any help would be appreciated. Ty

  • http://GoogleChrome Dorothy

    I would like to switch back to the non-secure http and cannot. When I try to visit another page I get the pop up that says click to continue in unsecured…..I click continue and it just keep popping up and will not let me progress. Any help would be appreciated. Ty

  • ronald lafreniere

    i want to go back to http; face book but how dont want https

  • Ganesh

    btw guys… the APPLICATINS ARE BUILT ON HTTP CONNECTION.. and not https.. its not a flaw… its just protecting u
    its ur wish whether u want https or not… thts y u see its giving u an option…. and NOT CHANGED UR ID BY DEFAULT… got it????

    I SIGNOUT N SIGN IN EVERYDAY EVERY TIME.. I SIGNOUT its HTTPS and SIGNIN and its HTTPS.. I never have to change it…

    BTW when u guys change to HTTPS SECURE CONNECTION did u save it????

    the applications are ALWAYS RUNNING… never SHUT… and SINCE IT WAS MADE HTTP protocol it runs on HTTP.. if it was made on HTTPS protocol then it will run on HTTPS protocol.. ITS NEVER SHUT keep that in mind… U cant say there is a flaw here… its just warning u.. so u want to switch to unsecure type of network whcih is http.. and NOT HTTPS… got it>>

    GUYS N GIRLS WAKE UP.. USE SOME SENSE WHY THIS IS HAPPENING….

  • rush

    its really works!!!!!!! thank u so much now I can play frontierville hahahaha thanks a lot!

  • Mary

    I have done all those steps and it keeps going back to a unsecured browser and I have so many ad and pop ups, annoying. I do not play games. My box is checked for secured connection, still wont let me, when I try to use your bookmark it comes up The webpage at https://www.facebook.com.%29/ might be temporarily down or it may have moved permanently to a new web address.

  • Pingback: » facebook security :anonymous reader writes

  • sharu

    thanks i owe u 1……………
    soooooooooo happyyyyyyyy

  • Pingback: Using Facebook Apps and a Secure Connection

  • mkf

    it disables me when i haven’t switched to an app…and tells me to log out and back in again to restore the https… but when i do that…it stays unsecured…in security section it never asks me to choose my method of browsing…anymore…only to log out and in again. ?????

  • mkf

    never mind. i removed my old bookmark and replaced it with a new https and put on bookmark bar like “hope it helps” suggested. it worked. (Chrome)

  • norjihan

    help me!!!! why my secure connection is expired…. i cannot log in… ??????…

  • patrick valejos

    thank youuuuuuuuuuuuuu very much…
    it is really working on me
    its a wonderull day..

  • sojin shrestha

    i dont know how to disable secure browsing.can anyone help me out from this?plz

  • http://Facebook Abdihalim

    Can any Body help me I putted my friend`s mobile number in my facebook account, facebook as security then he Lost his mobile when I try to log my Facebook account It ask me to sent code to that number and enter below but I haven`t I try so many times eventuality they sent me letter in my hotmail account they said u have to submit ur ID but I don`t know what is Id and it submitting

  • Rupak ghosh

    just go into your fb account from a different different fb account …say from a freinds fb account… then in ur account go to ur profile just check in the contact information…u will see ur email ..the fb email id..

  • Rupak ghosh

    Go ahead and try to download a different browser .. example:-opera mini 5

  • cazaipaul

    Un secure my account

  • cazaipaul

    How can i un secure my account please help to open it

  • Rizwan Kazmi

    How can unsecure facebook account? i can’t sign in on facebook id

  • mike

    whenever i play games on facebook https goes unsecure can someone help me to fix this please…..