Have you ever noticed that sometimes when you visit a website, it starts with HTTP, but sometimes it begins with HTTPS. Why we have this difference?
Basically, HTTP stands for Hypertext Transfer Protocol, the foundation of World Wide Web (WWW). It’s the set of rules for transferring text, image, sound, video, and other files on WWW. In a simple term, you can consider it as a kind of address.
What Is HTTPS?
HTTPS stands for Hypertext Transfer Protocol Secure. You can also call it as a secure version of HTTP. Technically, HTTP transmits data in plain text without encryption, which can be easily intercepted and exploited. HTTPS, on the other hand, will encrypt all data before transmitting to ensure no sensitive information will be leaked out.
How Does HTTPS Work?
When you visit a HTTPS website, your web browser and the web server will establish an SSL connection through an invisible process named SSL Handshake. There are three keys will be used to set up an SSL connection, called public, private, and session keys.
In this, public and private keys will be used to establish the SSL connection with the SSL Handshake process to create session key. Subsequently, the session key will be used to encrypt all data that transmitted between your web browser and the web server. For understand these terms in a simpler way, take a look at the diagram below:
Why Should I Use This Secure Protocol?
With an unsafe environment on the Internet, the better way is to protect your data yourself with all the methods you can use. That said, always using HTTPS when visiting websites is the right solution, especially when placing online orders or filling in your personal details. With HTTPS, all those details will be encrypted and can’t be intercepted to view or monitor. Therefore, all your data will be secured.
On the other hand, using HTTPS is also a great way to protect your online privacy as there is no one can know what you are doing on the Internet, even your Internet service provider or government agencies. However, that’s not mean you can do illegal things on the Internet. The point of using HTTPS is to self-protect your data from attackers who are trying to exploit security holes to steal from users.
Why I Get “Your Connection Is Not Private” Error?
In fact, this is a common error when visiting HTTPS websites. It occurs due to expired SSL certificates, wrong SSL setup, or even worst, the Internet connection you are using isn’t secure. When you get the “Your connection is not private” error in your web browser, such as Google Chrome, that means the SSL connection didn’t established. Therefore, all data won’t be encrypted and secured while transmitting. In this case, you shouldn’t provide any personal or financial details on the website.
What Should Do If Website Doesn’t Have HTTPS?
With benefits of HTTPS, a large part of websites has been switched to HTTPS and use this secure method by default. But if your favorite website doesn’t support HTTPS, you can still use the standard version: HTTP, but avoid filling in sensitive information such as your personal details, passwords, or credit cards. Besides, you can combine with a VPN connect to make sure all your connection are encrypted and secured.