What Is HTTPS And How It Makes Me More Secure On Internet
You would be knowing about HTTP but have you ever thought about HTTPS, which is required for some websites. Why it’s like this, that for some websites the address of the websites starts with http://www…. while for others it starts with https://www….. why their is no standard?
Either you are a normal computer user or a professorial, when it comes to security it’s always recommended to know the basics of it before you become a target of a hacker. That’s why it’s very important to understand what is HTTPS and how it works in your browser.
Note: At some point you may find this article a bit technical or difficult to understand, then just read the paragraph again slowly in order to have a better understanding. I have tried my best to explain you the details in an easy way.
What It Stands For
http : Stands for “Hyper Text Transfer Protocol”. It’s a protocol of the web that allows you to browse (protocol means set of rules and descriptions about how to do things). It is the system that helps data transfer and reception over the Internet in plain text.
https : Stands for “Hyper Text Transfer Protocol Secure” It’s also a protocol of the web that allows you to browse with additional Security.
Ok… So What
Atleast you know the basic difference which is of additional security. Whenever you open a website like Yahoo, bing, cnn, bbc etc, these websites doesn’t require any kind of security because these are just a normal text based websites. But when you try to log into the sites like Gmail, Facebook, Yahoo Mail, Amazon, Paypal, Bank websites, Shopping websites etc, then this HTTP changes automatically into HTTPS.
This happens because during log-in process, your Password, Credit Card no, Bank Account no and other details are considered as a sensitive information and are required to be encrypted (means more secure and hidden) so that hackers will not be able to hack this information while you are log-in to the website. Still this doesn’t mean that you are 100% safe from hackers, you need to clean your Internet Cookies, Temporary Internet Files / Cache which are stored in your computer. These junk files assists hackers to get the details about you.
To share the information on Internet, genius people made a procedure for exchanging information and called it Hyper Text Transfer Protocol (HTTP). After that some more genius people came into the world and started stealing this information, so called Hackers. Then to make the information more secure, Internet experts made a procedure which relies on certificates to encrypt the online data. This procedure for encrypting information and then exchanging it is called Hyper Text Transfer Protocol Secure (HTTPS).
Real World Example
Now a days, most of the websites are making their contents more secured by making it available on the HTTPS protocol. If you want to have a look into it, Open your Gmail, Yahoo Mail or even the Google page and check the address bar at the top of your browser. The web address will indicate that you are now on a secure session with the addition of “HTTPS” at the beginning of the URL.
When a Certificate is installed on a website or in other words when you visit a secured website (https), you can see a padlock icon at the bottom of your browser or in the address bar, depends which browser you are using.
In Internet Explorer
In Google Chrome
What’s the Logic
HTTP sends and receive the data over the Internet in plain text. This means that if you have a form asking for a credit card number, that credit card number can be intercepted (hack) by anyone with a packet sniffer software.
By sending your sensitive information like credit card details over an HTTP connection (not HTTPS) is like telling the whole world about your credit card details on a speaker.
How HTTPS works
HTTPS is almost identical to HTTP because as I told you above that it uses the same protocol except it’s more secure. Your web browser acts as a client when you are connected to the Internet. It’s a medium which you use to browse on Internet. When you try to open any website, your web browser sends a request to a server requesting that particular webpage. The server returns an acknowledgement as a status to your browser and then you see the webpage on your computer screen. In case the webpage doesn’t exist or you type a wrong website address, then the server sends a negative acknowledgment with an error page.
HTTPS works by sending normal HTTP traffic (data) through an encrypted channel (Encryption means a way in which plain text is changed into a non-readable format providing privacy). It means, the information cannot be accessed by anyone other than the user (who is requesting) and the website server. But if this HTTPS is not implemented / configured at the website properly, then it’s as insecure as HTTP.
When you open a website which uses HTTPS, your web browser agrees on a “code” between you and the server. After that, messages are exchanged using that “code” so that no one in between can read them. This keeps your information safe from hackers. However, if anyone in between hacks the information, they still could not understand it. Only the sender and the recipient, who know the “code” can read the message because of the HTTPS.
Technical Explanation But In Easy Way
When using an HTTPS connection, the server responds by offering a list of encryption methods to your computer. In response, your computer selects a connection method which it supports and then both of you and server exchange certificates to authenticate their identities. These are SSL Certificates which the computer at each end uses. After this is done, both (server and your computer) exchange the information in an encrypted (secured) channel. The security during the transfer is called the Secure Sockets Layer (SSL) and Transport Layer Security (TLS).
I tried my best to explain this important thing in an easy way. Every Internet user should know the basics that how things are really working on Internet in order to be safe and protect himself from the cyber crimes. Hope from now on-wards you will be more careful on internet especially on the websites where your privacy is more important to you.
Posting Disclaimer Notice:
This posting is not my own creation collection. My effort is copy paste only. I got it from internet posted by someone else. I’m just saving some time for you to avoid searching everywhere. I’m not violating any copy rights law or not any illegal action which I’m not supposed to do. If anything is against law please notify me so that it can be removed.