HTTPS stands for HyperText Transfer Protocol Secure. It's the same system your browser uses to load websites, but with an added layer of encryption that scrambles all data traveling between your device and the web server.
When you visit a website using HTTPS, your browser and the server perform a security handshake. They exchange cryptographic keys and establish an encrypted tunnel. Anything you type, send, or receive through that tunnel stays private. A hacker sitting on your Wi-Fi network or intercepting your internet traffic cannot read your passwords, credit card numbers, or sensitive information.
Why it matters: Websites handling personal data, financial transactions, or login credentials must use HTTPS. Banks, email providers, and online shops depend on it. Even casual websites benefit because visitor trust increases when the green lock icon appears in the address bar.
How to spot it: Look for the padlock symbol in your browser's address bar and the word 'https://' at the start of the web address. If you see only 'http://', the connection is unencrypted and potentially risky.
Common misconceptions: HTTPS doesn't make a website legitimate or safe from scams. Fraudulent sites can use HTTPS too. It only encrypts the journey of your data, not the destination. Always verify you're on the correct website before entering sensitive information.
What to do: Avoid entering passwords or payment details on any website using plain HTTP. Most modern browsers flag non-HTTPS sites with warnings. If a legitimate website doesn't offer HTTPS, consider whether you trust it with your data.