Tuesday, 15 March 2011 23:20

Twitter Offers HTTPS Option to Thwart Hackers


Being a part of the 140-character world just got a bit safer, as Twitter is now letting users choose an encrypted connection while reading and writing on the micro-messaging service, the company announced Tuesday.

The optional HTTPS setting is intended to better protect users who connect to Twitter over Wi-Fi — where hackers can sniff out passwords and hijack user accounts. It comes months after a Firefox add-on called Firesheep made it trivially easy to temporarily take over the accounts of people using Twitter and Facebook over Wi-Fi.

Twitter is adopting the encryption protocol, the same one used in online banking and commerce, in steps, but said in a blog post Tuesday that it hopes to make it the default soon.

The move comes just weeks after celebrity tweeter Ashton Kutcher had his account hijacked over Wi-Fi at the TED conference. It was also just days after the company settled with federal authorities over charges that it had weak security, despite promises to users that accounts were strongly protected.

For now, Twitter users can choose (on their account-settings page) to enable HTTPS for entire sessions. That means that all Twitter pages they view on the web will be through the secure https://twitter.com, and thus will be invisible to hackers sniffing web traffic. For those who don’t turn the setting on, the login page where you enter your password will always be HTTPS, as will any sessions using Twitter’s official app for the iPhone and the iPad.

But, those who don’t turn it on have their sessions broadcast in the clear, which leaves their accounts open to being hijacked temporarily, even if a hacker can’t get to the password. In this attack, known as session-jacking, an eavesdropper gets a copy of the temporary cookie the site issues to a user after a login, and uses that to pretend to be the account holder so long as that person stays logged in.
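The exposure described above can be checked from a site's own `Set-Cookie` headers. The following is an added example, not code from Twitter or from the original article: it models which cookies a browser attaches to each request and reports session cookies that cross the network unencrypted when only the login page is HTTPS. The cookie names, values and `example.test` URLs are constructed, and domain and path matching are left out for brevity.

```python
from http.cookies import SimpleCookie
from urllib.parse import urlsplit

# Constructed sample: cookies issued by an HTTPS login page.
LOGIN_SET_COOKIE = [
    "session_id=3f9a1c; Path=/; HttpOnly",   # session cookie, no Secure attribute
    "csrf=77b2; Path=/; Secure",
    "lang=en; Path=/",
]
# Constructed sessions: HTTPS login only, versus HTTPS for the entire session.
MIXED_SESSION = ["https://example.test/login", "http://example.test/home",
                 "http://example.test/messages"]
HTTPS_SESSION = ["https://example.test/login", "https://example.test/home",
                 "https://example.test/messages"]

def parse_set_cookie(headers):
    """Map each cookie name to True if it carries the Secure attribute."""
    jar = {}
    for header in headers:
        cookie = SimpleCookie()
        cookie.load(header)
        for name, morsel in cookie.items():
            jar[name] = bool(morsel["secure"])
    return jar

def cookies_sent(jar, url):
    """Cookie names a browser attaches to a request for url.
    Cookies marked Secure are withheld from plain http:// requests."""
    is_https = urlsplit(url).scheme == "https"
    return sorted(n for n, secure in jar.items() if is_https or not secure)

def exposed_on_wire(jar, urls, sensitive):
    """Sensitive cookies that travel in cleartext on at least one request."""
    exposed = set()
    for url in urls:
        if urlsplit(url).scheme != "https":
            exposed.update(set(cookies_sent(jar, url)) & set(sensitive))
    return sorted(exposed)

if __name__ == "__main__":
    jar = parse_set_cookie(LOGIN_SET_COOKIE)
    hardened = parse_set_cookie(["session_id=3f9a1c; Path=/; HttpOnly; Secure"])
    for label, j, urls in [("HTTPS login only", jar, MIXED_SESSION),
                           ("HTTPS everywhere", jar, HTTPS_SESSION),
                           ("Secure session cookie", hardened, MIXED_SESSION)]:
        print(f"{label}: exposed = {exposed_on_wire(j, urls, {'session_id'})}")
```

Only the first case reports `session_id` as exposed: serving every page over HTTPS, or marking the session cookie `Secure`, keeps it off the unencrypted connection.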

As for non-Twitter third-party clients such as Peep and TweetDeck, users will have to wait for those apps to support HTTPS. And if you use Twitter.com from a mobile web browser, you’ll have to make sure your bookmark goes to https://mobile.twitter.com to use HTTPS always, regardless of your account setting.

Currently, Gmail is the only major online communication system that defaults all users to HTTPS for entire sessions, though it’s increasingly becoming an option in other services such as Hotmail, Facebook and even Google Search.

Facebook added the option for full HTTPS sessions in January, though the setting does block most third-party applications from working.

HTTPS used to be considered too slow and computationally expensive for companies to deploy widely, but Google’s experience with Gmail showed that it’s not as difficult as previously thought.

Photo: A hijack-proofed twitterer. (HereKittyKat/Flickr)
