Security Tips & Talk

Tips about computer security, online safety, and privacy

Http vs. Https: What’s the difference?

Http vs. Https: What’s the difference?

  • Comments 3

A blog reader recently wrote in:

"A Facebook friend just told me that if the web browser says http:// and not https:// that my security is compromised. Is this true? How can I fix it?"

Your friend is right. Sort of.

If you're just browsing the web and not entering any sensitive information, http:// is just fine. However, on pages that you enter your password, credit card number, or other financial information, you should always look for the https:// prefix. If you don't see the "s," don't enter any information that you want to keep secure.

What does HTTP stand for?

HTTP stands for Hypertext Transfer Protocol. It's the first element you see in any URL and you can think of it as the language used to deliver information over the web. Most web browsers (including Internet Explorer) use an encrypted protocol called Secure Sockets Layer (SSL) to access secure webpages. These pages use the prefix HTTPS. The "s" stands for secure.

Now, since you mentioned that this was a Facebook friend that told you this, we think you might be referring to the recent changes that Facebook made to help increase your privacy. You can now adjust your Facebook security settings so that you only browse Facebook in the https:// mode.

To learn how to browse Facebook in the https:// mode, see The Facebook Blog: A Continued Commitment to Security.

For more tips on how to tell if a website is secure, see How to shop online more safely.




  • great stuff I never knew so thanks microsoft

  • Thanks for that timely information.  I will make sure that i use the https//mode for things that I want secure.

  • I pride myself on being current issues on the web get little sleep plenty of time to research

    Http vs Https caught me flat footed stupid

Page 1 of 1 (3 items)