I received a lot of feedback after my post yesterday about creating a permanent SSL (https://) connection to Facebook. It’s most important to use SSL anywhere you don’t want people to see what you’re doing/looking at. For example, anything with a form that asks for personal information, or when you login to a site using your password, or where you enter your credit card or banking information. At a minimum, all of these things should be https://. Anything not using https:// (SSL) can be sniffed (it’s plain text so people can watch/read/log what you’re doing).
If you can’t find it on your favourite website, contact them and ask them to to make SSL always on. Here is an example of how to do this on Twitter, for example:
What other websites can you find this setting on? Also, make sure your bookmarks are for the https:// version of the website, and not the http:// version.