Why HTTPS is secured?

HTTP (Hypertext Transfer Protocol) and HTTPS (Hypertext Transfer Protocol Secure) are both protocols
used for transferring data over the internet, but they differ significantly in terms of security. Here are
the key differences between HTTP and HTTPS:

1. **Security:**

- **HTTP:** HTTP is not secure by design. Data transmitted over HTTP is sent in plain text, making it
vulnerable to interception and eavesdropping by malicious actors. This lack of security means that
sensitive information like passwords, credit card numbers, and personal details should not be
transmitted over plain HTTP.

- **HTTPS:** HTTPS is designed to be secure. It encrypts the data exchanged between the client (your
web browser) and the server using encryption protocols like SSL (Secure Sockets Layer) or its successor,
TLS (Transport Layer Security). This encryption makes it extremely difficult for eavesdroppers to
intercept and decipher the data being transmitted. HTTPS is essential for secure online transactions and
protecting user privacy.

2. **Data Integrity:**

- **HTTP:** HTTP does not guarantee data integrity. If data is modified or corrupted during
transmission, there are no built-in mechanisms to detect or correct these issues.

- **HTTPS:** HTTPS ensures data integrity through encryption and hashing. Data transmitted over
HTTPS is verified to be unchanged during transit, and if any tampering is detected, the connection is
terminated.

3. **Authentication:**

- **HTTP:** HTTP does not provide server authentication. This means that when you connect to a
website over HTTP, you cannot be certain that you are communicating with the intended server, leaving
you vulnerable to man-in-the-middle attacks.

- **HTTPS:** HTTPS provides server authentication. It verifies that you are connecting to the
legitimate server associated with the website's domain. This prevents attackers from impersonating a
website and intercepting your data.

4. **Search Engine Ranking:**

 - **HTTP:** Many search engines, including Google, prioritize websites using HTTPS in their search
rankings. Having HTTPS is considered a best practice for SEO (Search Engine Optimization).

5. **Browser Indicators:**

- **HTTP:** Browsers do not provide any special indicators to show that a website is using HTTP. This
can make it difficult for users to differentiate between secure and non-secure sites.

- **HTTPS:** Browsers display a padlock icon in the address bar or other visual cues to indicate that a
website is secure when using HTTPS. This helps users trust the website and know that their data is being
transmitted securely.

In summary, the main difference between HTTP and HTTPS is the level of security and data protection.
HTTPS encrypts data, provides data integrity, and authenticates the server, making it the preferred
choice for secure online communication, especially when sensitive information is involved. HTTP, on the
other hand, lacks these security features and is considered insecure for transmitting sensitive data.