IE 11 is not supported. For an optimal experience visit our site on another browser.

Facebook to strengthen security with old-school crypto technique

Facebook is working on implementing an security measure that would would make eavesdropping on your encrypted traffic with the website extremely difficult. Amazingly, the technique has been around since 1992, yet very few websites use it.

Many websites support what's called HTTPS, an encrypted version of the normal HTTP protocol used to weave together the World Wide Web. But the way it's implemented, there's the possibility that a hacker (or the NSA) could get hold of the site's "master key," allowing them to peep in on all the site's encrypted traffic like it was never secured in the first place.

"Perfect forward secrecy" is an advanced form of HTTPS that throws away the master key and essentially makes a new key every time someone connects. That way, even if a would-be eavesdropper manages to intercept or crack one key, they'd only have access to that one connection — and only for as long as it lasted.

Google implemented this in 2011, and now Facebook is working on adding it as well, according to CNET. It make things a lot harder for someone trying to tap into your traffic, but just keep in mind, it won't prevent data from escaping via bugs or those legally required disclosures we've been hearing so much about.

Devin Coldewey is a contributing writer for NBC News Digital. His personal website is