🦆 IP Ducky

Everyday Internet & Troubleshooting

HTTP vs. HTTPS: What's the Difference?

That little padlock in your browser's address bar represents HTTPS — and the difference between it and plain HTTP is the difference between a private conversation and a public one.

HTTP: the original

HTTP (HyperText Transfer Protocol) is the language browsers and web servers use to exchange pages. In its original form, that exchange is unencrypted — anyone positioned between you and the server (your ISP, a public Wi-Fi operator, a snoop on the same network) can read exactly what's sent and received.

HTTPS: HTTP with encryption

HTTPS is the same protocol wrapped in encryption using TLS. It adds three crucial guarantees:

Why it became universal

HTTPS used to be reserved for logins and checkout pages. Now it's expected everywhere. Browsers mark plain HTTP sites as "Not Secure," search engines favor HTTPS, and free certificate services removed the cost barrier. As a result, the vast majority of web traffic is now encrypted by default.

What HTTPS does and doesn't hide

HTTPS hides the contents of your traffic — the pages, form data, and messages. It does not hide which sites you visit from your ISP, since the domain name is still needed to route your connection (though encrypted DNS helps with that). And HTTPS on a site doesn't guarantee the site itself is trustworthy — only that your connection to it is private.

The takeaway

Always look for HTTPS before entering anything sensitive, especially on public Wi-Fi. The padlock isn't a guarantee of a good website, but the absence of it on a page asking for passwords or payment is a genuine red flag.

🦆 Check your own IP address