Internet security is certainly one of the trending topics, we often consider ourselves safe when we see a website when a green Secure lock before the website domain before we find out the truth behind the security of https let me tell you what actually HTTP/HTTPS is.
Hypertext Transfer Protocol (HTTP) –
HTTP is a request-response protocol between the client and server. When you visit a website with HTTP:// the client sends an HTTP request to the server asking for all the HTML/CSS/any other files required to load the webpage. It also helps to give a response back to the server.
HTTP Secure (HTTPS)-
This is an extension to HTTP, where all the files/responses are transferred in an encrypted way.
So what makes HTTPS secure?
If you use a website with HTTPS no one in the network can read your data packets since they are encrypted. For instance, if you visit a website with HTTPS, others connected on the same network as yours(say public wifi) won’t be able to see what actually is happening that includes they cannot see the messages you send, passwords you type. In HTTP, since the password you type has been to sent to the server, when they are on their way through the network it is possible to spoof those packets to your computer and then read them.
- Crackers don’t have your information- Although your packets cannot be read by the crackers, they still some encrypted information. That is like they are having a lock with no key, they cannot break the lock neither they can find the key.
- HTTPS means your data is safe? Nope, HTTPS can only make the data transfer from client to server secure that’s it. If the servers are compromised so is your data.
- HTTPS websites ensure no fraud- HTTPS websites can be or cannot be a fraud website, never make the mistake to take HTTPS website as fraud-proof.
- Getting HTTPS is hard and costly – The prices differ from company to company but it is also possible to get an all-browser trusted HTTPS( SSL certificate) for 10$.
- Red HTTPS means danger- Have you ever visited a website with a red-HTTPS symbol? and your browser says it is not safe to visit this website? What this actually means is that a website has bought SSL certificate( that provides HTTPS) for a year and it is expired, but there is no real difference when it comes in the working of HTTPS your data is still safe while it travels to the server.
So the next time you visit a website with HTTPS, keep this thing in mind.