The differences between HTTP and HTTPS

To better explain the differences between the two protocols, I'll first go through a few fundamental examples as to what HTTP is before continue to give examples to why HTTPS is the better protocol depending on certain situations.

HTTP stand for Hypertext Transfer Protocol which is used in general when uploading and downloading information from the internet.

The best example of this is when you visit a website and the browser amends the URL with the text "http://" to identify the protocol used to access the given web page.

HTTPS is a significantly more secure version of HTTP. The s in HTTPS stands for secure which identifies the protocol as a secured connection.

According to Wikipedia it's

a combination of the Hypertext Transfer Protocol with the SSL/TLS protocol to provide encrypted communication and secure identification of a network web server

.

 

Why would you use a secure connection?

HTTPS provides additional security, which comes in handy when you require additional security barriers too protect sensitive information from being hi-jacked by a third party.

It basically means you're protecting your private information from people who want to steal it using readily availably tools.

There are some essential elements at work in the background when using HTTPS, the process dictates that there is a protocol for communications (SSL), credentials for establishing identity (the SSL certificate) and a third party that vouches for the credentials (the certificate authority) is applied during this connection.

You can think of it as a secret language between yourself and a friend that nobody understands but the two of you. It's normally used in place of HTTP on websites like banks or password protected pages on various infinite other types of websites to protect the flow of information.

Why not just use HTTPS?

The main reason is that it's not economical because even thou the process is incredibly fast between a few established connections, server load will become overwhelming slow when encrypting and decrypting every connection to that server.

It's also a matter of necessity dew to the fact that some types of data will in case be made public through the use of comment or other related public uses.

Requesting HTTPS connections

There are websites that offer the option to use either HTTP or HTTPS depending on a users requirements, namely Facebook which now provides it's users this option through their Account Settings page by selecting Account Security (it's the third option from the bottom) and then checking the checkbox to enable HTTPS under the Secure Browsing header.

 

With more websites making this option readily available, it has become much easier to protect one's private information if choosing to do so.