What is HTTPS? Why You Should Check Before Logging In


There are 4.57 billion active internet users as of July 2020 or 59 percent of the world’s total population. If ever their data has been breached or hacked, it will take an average of 196 days to detect.

One of the most common ways of hacking a computer is through an executable file with a virus.  It may look harmless to the user, but once downloaded, it will allow the hacker to control the computer or use it for other malicious acts.

Some hackers can exploit security holes in web browsers, enabling them to install malicious programs on a computer. It’s important to check if a site uses Hypertext Transfer Protocol Secure (HTTPS) to prevent malicious attacks.

Definition of HTTPS

HTTP is the protocol used in sending data between a web browser, such as Google Chrome, Apple’s Safari, and Microsoft Edge, and a website. With HTTPs, data becomes encrypted, which increases data transfer security.


It’s a must to have HTTPS enabled in the following websites: banking, email, social media, health insurance. These websites carry sensitive information that hackers can use against you.

Hackers can use the email address you used on Facebook to send spam to other computers. Your personal information can be sold on the dark web and used by others to commit serious crimes.

On Chrome, it’s easy to see if the website enables HTTPS. Just look for a green padlock beside the address bar. It will also show site information like a valid certificate, used cookies, and other settings.

The Magic Behind HTTPS

HTTPS uses the Transport Layer Security (TLS) encryption protocol. It secures all communications with an asymmetric public key infrastructure, a security system that uses two (2) different keys in encrypting communications between the website and browser.

The first key is called the private key. It is controlled by the website’s owner and kept on a web browser. It is the only key that can decrypt information on the public key, the second key type.


Available to everyone, the public key is used to securely interact with the server. It can only be decrypted by the private key.

Both keys prevent unauthorized individuals from viewing your private information on the site. If it is only HTTP-enabled, other users can intercept your data once the site breaks it into packets of data.

Your personal data on HTTP is also in plain text. Anyone can access it as long as they have the tools, making your data susceptible to breach.

Why You Should Only Visit Sites with HTTPS

HTTPS encrypts your information so it doesn’t leak elsewhere. During encryption, an algorithm “scrambles” up your data. Only the one with the private key can decrypt your information, turning them into random characters.

During encryption, the client and server computers undergo the SSL/TLS handshake. They communicate back and forth to have a secure connection for the site. This process makes it difficult for the hacker to decrypt text because they do not have the keys containing your information.

Information online is still susceptible to attack. But with HTTPS, it adds multiple layers of protection to your data that only a few parties have access to.

Scroll to Top