Very few internet users understand the meaning of the padlock icon in their web browser’s address bar. It represents HTTPS. It’s a security feature that authenticates websites. It also protects the information users submit to them.
Let’s go over some user-friendly HTTPS best practices to help you surf the web safely.
HTTPS Encryption
Older web protocols lack data encryption. When you visit a website that doesn’t use HTTPS, everything you type or click is sent across the network in plain text. So, if your bank’s site doesn’t use the latest protocols, your login info can be intercepted by anyone cyber thieves.
HTTPS Certificates
Outdated web browsing also lacks publisher certificates. When you enter a web address into your browser, your computer uses an online directory to translate that text into numerical addresses. For instance, www.google.com = 8.8.8.8. It then saves that information on your computer. This way, it doesn’t need to check the online directory every time you visit a known site.
However, if your computer is hacked it could be tricked into directing www.google.com to 8.8.8.255, even if that’s a malicious website. Often, this strategy is implemented to send users to sites that look exactly like what they expected, but are false-front sites designed to trick you into providing your credentials.
HTTPS created a new ecosystem of certificates. These certificates make it impossible for you to be redirected to a false-front website.
What this means for daily browsing
Most people hop from site to site too quickly to check each one for padlocks and certificates. Unfortunately, HTTPS is way too important to ignore. Here are a few things to consider when browsing:
- If your browser marks a website as “unsafe” do not click “proceed anyway”. That is unless you are absolutely certain nothing private will be transmitted.
- There are web browser extensions that create encrypted connections to unencrypted websites. (HTTPS Everywhere is great for Chrome and Firefox).
- HTTPS certificates don’t mean anything if you don’t recognize the company’s name. For example, goog1e.com could have a certificate, but that doesn’t mean it’s a trustworthy site.
Avoiding sites that don’t use the HTTPS protocol is something you need to do to stay safe when online browsing. When you’re ready for IT support that handles the finer points of cybersecurity like safe web browsing, give our office a call.