Twitter announced today that HTTPS will now be on by default for all users signing into Twitter.com. The setting became optional last year, but now it's the norm.
Twitter says on its official blog:
This setting makes your Twitter experience more secure by protecting your information, and it’s especially helpful if you use Twitter over an unsecured Internet connection like a public wi-fi network.
Now, HTTPS will be on by default for all users, whenever you sign in to Twitter.com. If you prefer not use it, you can turn it off on your Account Settings page. HTTPS is one of the best ways to keep your account safe and it will only get better as we continue to improve HTTPS support on our web and mobile clients.