You’ve probably noticed that some sites use https:// instead of http:// in their web addresses, but maybe you don’t know what that means. Maybe you know that it encrypts your data for better security, but you don’t really know what it’s protecting you from.
HTTPS is a significantly more secure version of HTTP, which is the protocol you generally use to load up your webpages (whether you’re aware of it or not). HTTP stands for Hypertext Transfer Protocol, so HTTPS stands for the same thing but with Secure on the end of it. This is because, HTTPS is “a combination of the Hypertext Transfer Protocol with the SSL/TLS protocol to provide encrypted communication and secure identification of a network web server.”
Why You Should Care
HTTPS provides additional security, but what does that mean when you’re browsing the web every day? It basically means you’re protecting your private information from people who want to steal it using readily available tools like FIRESHEEP (a tool that sniffs out Facebook and other user account credentials on WiFi hotspots).
Using HTTPS:// ensures that when you enter your password or your phone number or anything personal on Facebook—or any other site offering HTTPS—that data will be encrypted as it flies through the great tubes of the internet.
HTTPS is enabled by default on most sites that take sensitive information like your credit card number so you’re generally good to go when buying online. Every browser has its own way of representing whether a site is secure, but generally you’ll see a lock icon in your browser’s address bar. There are varying degrees of security, however, since sometimes emails have attachments coming from insecure sites. If you want HTTPS everywhere, the Electronic Frontier Foundation’s (EFF) aptly named HTTPS Everywhere is a Firefox extension to provide that functionality. They also recommend KB SSL Enforcer for Chrome users but have found that it isn’t implemented as securely (which could be a limitation of the Chrome extension framework).