I noticed that some sites I visit say “https” instead of “http” in the address. What does “https” mean, and what’s the difference?
The address of a Web page is called a URL. The letters that preceed the colon (:) at the beginning of a URL are the protocol, or the manner in which your computer and the site are communicating with each other. Usually, Web pages are accessed via http, however sites that require an extra layer of security will communicate with you via https.
HTTP stands for Hyptertext Transfer Protocol, which is a set of technical specifications for the manner in which information is transferred on the World Wide Web. When you request a Web page from a site, your computer and the server communicate with each other according to the rules of HTTP.
HTTPS means Secure Hypertext Transfer Protocol. HTTPS is used when the information being communicated is of a sensitive nature. HTTPS is basically HTTP, encrypted. By encrypted, we mean that the information being transferred back and forth is encoded in a manner that can be understood by your computer and the site’s server, but appears meaningless to any other unauthorized party who might happen to be listening in.
Fig. 1 - HTTPS precedes the URL of a secure site.
HTTPS should be used by any site that deals in the transfer of personal, private information. When you shop online, use Internet banking, provide personal information such as your social security number, or perform any other such action, the site you are visiting should use HTTPS. Many browsers, e.g. Microsoft Internet Explorer, will display a closed “lock” icon to signify the use of HTTPS. This icon will differ from browser to browser, so you should also make sure that “https” is the very first thing that appears in the address bar.
Fig. 2 - Most browsers display a lock icon to designate a secure http connection.
