What is a secure website?
A secure website is one that has an SSL certificate that ensures all data that is passed through from your browser to the website server is encrypted to prevent unauthorised access.
Why do we encrypt websites?
The amount of information we share online is large; data such as username and passwords, payment details and other personal details are all frequently shared by ourselves, unfortunately this information can be at risk from hackers.
Encrypting websites started when ecommerce sites started becoming increasingly popular. But now it’s not just payment information that we are now sharing online – much information personally identifies users and with identity theft on the rise is extremely valuable to hackers. This is why Google is calling for the whole web to use encryption.
How can I tell if my site is encrypted or not encrypted?
A website that is encrypted has an SSL (Secure Sockets Layer) certificate installed – this allows data to be securely ecrypted to and from the user browser and website.
At a glance you can tell if a site is potentially encrypted or not before you enter any information by checking if the URL starts with “HTTP” or “HTTPS”. If the URL startes with HTTPS, then the page has been encrypted and it is safe to enter your information.
For example:
- The URL of the Porsche Club Great Britain website is https://www.porscheclubgb.com/ which starts with “HTTPS” which indicates that the website has an SSL certificate installed and is secure
- The URL of the Debenhams website is http://www.debenhams.com/ which means that the website is not secure
So “HTTPS” at the start of a URL means the website is secure?
Potentially it means that it is secure and is probably secure but the “HTTPS” URL prefix is not enough to prove that the SSL certificate installed on the website is secure. That requires the browser to confirm it to you…
Browsers confirm to users that the SSL certificate is valid by displaying a padlock icon next to the URL. This padlock is a universal symbol and as long it is not crossed out then you can be reassured.
What is SSL?
Secure Socket layer (SSL) is the standard protocol used to encrypt data between a user and a web host server. In order to use this technology, an SSL certificate has to be purchased from a trusted Certificate Authority.