It would be great if Facebook took steps to keep user information from being transmitted off Facebook's site, but encryption is better than no solution at all, said Ezra Gottheil, an analyst with Technology Business Research.

"Yes, they should stop the transmission, but they won't. They will continue to meet specific objections and fix specific problems, but the company is built on selling user information," said Gottheil. "Most [users] don't want to get down in the weeds on this stuff. They hear 'problem,' they pay some attention. They hear 'encryption,' they go back to what they were doing."

Zeus Kerravala, an analyst with the Yankee Group, questions why Facebook didn't encrypt user IDs long ago.

"The thing you have to ask yourself is why Facebook didn't do this up front," he added. "Security isn't really in the DNA of social networking today. Why did it have to take an embarrassing situation to have them do something basic like encrypt user IDs...?"