Skip main navigation

The Importance of HTTP Versus HTTPS

In this video, you will learn the difference between http and https.
6.2
In this video we’re talking about the importance of HTTP versus HTTPS. So what is the difference? Normally when you browse the internet, you type in HTTP, colon, forward slash, forward slash, WWW, and whatever the URL is, such as Google.com. There is another protocol that you can use. There’s HTTPS. So HTTP stands for Hypertext Transfer Protocol, which is the older form of communication for browsing the web. There’s also HTTPS, which stands for Hypertext Transfer Protocol Secure, meaning that transmission is actually encrypted. So the problem with HTTP traffic is, since it’s unencrypted you’re transferring information in plain text. So let’s take a look at what that actually means. So here I have a programme called DVWA.
60.5
And this is a programme designed to be vulnerable. So what I’m going to do is I’m going to start up a Wireshark transmission here. And let me X out of that. And here is Wireshark. So Wireshark is a packet sniffing programme. It’s designed to analyse network traffic. So I’m just going to select my connection here. I’m going to start up my Wireshark. OK, and we’re going to go back to the browser. So here’s DVWA again. This is a vulnerable system designed to be exploited. So right now I’m sniffing traffic going to this web page here. So I’m going to type in “admin”. And then I’m going to type in the password for this.
102.1
OK, and I’m going to be logged in. So here I’m logged in. And again, this is over HTTP traffic. So I’m going to stop this capture here. I’m going to type in HTTP. And we’re going to take a look at the HTTP traffic. OK, let me Zoom in a little bit here. And if I scroll down in here, we could see in here all the traffic here. It’s actually started analysing all the traffic. And we can see username equals admin, and password equals password, which is correct. It is admin and password. So I could be on any website over HTTP. And potentially, if someone’s running a packet sniffer, such as Wireshark, they could see my password and login information.
150.5
If I ran this over HTTPS, however, that transmission would be encrypted. I wouldn’t be able to just look at it over a packet sniffer like this. So that’s the main importance of using a HTTPS. So let’s continue here.
167.8
So final remarks: HTTPS should always be used whenever possible. HTTP traffic should be avoided if you can avoid it. And remember, log in through HTTP. Transmit your login and password in plain text. So anyone running a packet sniffer, such as we saw in Wireshark, can intercept that information and get your login credentials and password. So you do need be very careful about that. So in the next video, we’ll be taking a look at download precautions and hash checking in download best practises. Thank you for watching. I’ll see you in the next video.

In this video, you will learn the difference between HTTP and HTTPS.

Remember that HTTP stands for Hypertext Transfer Protocol while HTTPS stands for Hypertext Transfer Protocol Secure. If you visit an HTTP website, you may be at risk for attacks.

Reflect and share: Are there any websites you regularly visit that are unsecure?

This article is from the free online

Cyber Security Foundations: Why Cyber Security is Important

Created by
FutureLearn - Learning For Life

Our purpose is to transform access to education.

We offer a diverse selection of courses from leading universities and cultural institutions from around the world. These are delivered one step at a time, and are accessible on mobile, tablet and desktop, so you can fit learning around your life.

We believe learning should be an enjoyable, social experience, so our courses offer the opportunity to discuss what you’re learning with others as you go, helping you make fresh discoveries and form new ideas.
You can unlock new opportunities with unlimited access to hundreds of online short courses for a year by subscribing to our Unlimited package. Build your knowledge with top universities and organisations.

Learn more about how FutureLearn is transforming access to education