Hear from CIOs, CTOs, and other C-level and senior execs on data and AI strategies at the Future of Work Summit this January 12, 2022. Learn more

Wikipedia will soon have HTTPS enabled by default, creating a more secure connection between a user’s Internet device and Wikipedia.

In an announcement earlier today, Wikipedia’s parent organization, the Wikimedia Foundation, said: “We believe that you should be able to use Wikipedia and the Wikimedia sites without sacrificing privacy or safety.”

HTTPS is a communications protocol often used by security-conscious bodies such as banks, with encryption adding an extra layer of security atop the traditional HTTP protocol for online customers. But other companies have increasingly adopted HTTPS in recent times, including the likes of Twitter, which has had it switched on by default since 2012.

Today’s news isn’t entirely surprising — Jimmy Wales, founder of the Wikimedia Foundation, has been an ardent, outspoken critic of the National Security Agency (NSA) and mass surveillance. The co-penned announcement post from the organization’s legal counsels today stated:

In a world where mass surveillance has become a serious threat to intellectual freedom, secure connections are essential for protecting users around the world. Without encryption, governments can more easily surveil sensitive information, creating a chilling effect, and deterring participation, or in extreme cases they can isolate or discipline citizens.

Accounts may also be hijacked, pages may be censored, other security flaws could expose sensitive user information and communications. Because of these circumstances, we believe that the time for HTTPS by default is now.

The Wikimedia Foundation has been working behind the scenes to implement the requirements for HTTPS by default. Since 2013, those who are logged in to Wikipedia have had HTTPS on by default, and anyone could manually enter the “HTTPS” in the address bar if they wished. Search engines would also include HTTPS when redirecting an Internet user to a page operated by the Wikimedia Foundation.

In addition to HTTPS, the Wikimedia Foundation is using HTTP Strict Transport Security (HSTS), a mechanism that helps prevent “downgrade attacks” which attempt to intercept traffic.

The HTTPS rollout kicks off today, but it will take a few weeks for the process to be complete.


VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative technology and transact. Our site delivers essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to become a member of our community, to access:
  • up-to-date information on the subjects of interest to you
  • our newsletters
  • gated thought-leader content and discounted access to our prized events, such as Transform 2021: Learn More
  • networking features, and more
Become a member