As kids, we all loved Sesame Street‘s Cookie Monster. (Who couldn’t relate to a guy who loves snacks?!) But now there’s another CookieMonster on the street, and he’s not so nice.
This CookieMonster is a toolkit that tricks your browser into handing over sensitive information, and it’s one of a number of new tactics used to steal your data and, potentially, hijack your accounts.
WordPress has always taken steps to ensure that your data is safe. Now we want to make it easier than ever for you to avoid evil blogjackers that prey on security vulnerabilities.
Click on Edit Profile in the My Account menu of your dashboard and you’ll see a new field called Browser Connection. There, you can opt to “Always use HTTPS when visiting administration pages.” Click Update Profile to save the change, and you’ll be logged out. Sign back in, and you’re rolling with SSL, which encrypts your connection and helps prevent data scavengers from stealing your password and other info.
HTTPS has always been supported on WordPress.com, but it’s now even easier to remember. HTTPS is highly recommended when you’re accessing your account on a public network. Check out this video to learn more:
New Note: Using HTTPS will slow down your blogging speed significantly. Go Turbo with Gears to help speed things up. Check out this page of the FAQ for more information on using Gears — now supported on Safari for Mac!