When you use the standard Facebook Login, your user name (email address) and password inside the sign in form are sent in "plain text", or "unencrypted". In layman's terms, this simply means that it is feasible for a third party (read "hacker") to intercept this transmission and get hold of your credentials. While this is unlikely, it is possible: if you are checking your Facebook profile from a public computer or other unfamiliar location (like school, work, the public library, etc.) you can take an extra step to secure the login process, and quite easily as you'll learn in this tutorial. You'll also learn how to turn on a new setting Facebook offers to "Control browsing and Login security", which lets you use
https as often as possible.
When you load the Facebook homepage by typing "www.facebook.com" inside your web browser's address bar, or by accessing it from a bookmark / favorite, the website will by default open in regular mode (unencrypted, not "
HTTPS"). As you can tell from the screenshot below, there is no sign of a padlock icon inside the address bar.
To force Facebook to use the secure login mode, you simply need to add an "S" inside the URL (internet address), right after "
HTTP", as shown on the screenshot below: notice that a padlock now appears inside the address bar, and Facebook works just as it did before. The difference is that now everything is encrypted (and near impossible to hack unless someone has direct or indirect access to your computer).
The short answer is "No" - in the vast majority of cases, you will never have a problem seeing your Facebook account hacked. Another thing to keep in mind is that Facebook can be quite slow in "normal" mode (not encrypted), and surfing Facebook in
https mode means that things will also get a bit more slow - like always, you are dealing with trade offs - and the downside of a secure connection to Facebook is that it requires more work on your web browser's end, and the Facebook servers' end as well.
Facebook Login Tip: a good compromise is simply to use
HTTPS to get the secure Facebook login, and then move away from
HTTPS, just by erasing the "S" after "
HTTP" inside your web browser's address bar, and then hitting Enter (Windows / Linux) or Return (Mac OS X) - which brings back Facebook to "normal" mode. This approach ensures that the most sensitive information of your account (the login credentials you enter inside the sign in form) are protected.
Update: you can now setup your Facebook account to use HTTPS whenever possible, in just a few clicks. This will also spare you from having to add "
https://" to the Facebook login page.