What is HTTPS and how does it differ from HTTP?

Answer

HTTP (HyperText Transfer Protocol) transmits data in plaintext — anyone who intercepts the traffic can read it. HTTPS (HTTP Secure) wraps HTTP in TLS/SSL encryption, providing three guarantees: (1) Confidentiality: data is encrypted in transit. (2) Integrity: data cannot be tampered with undetected (MAC). (3) Authentication: the server's identity is verified via a digital certificate issued by a trusted Certificate Authority (CA). HTTPS uses port 443 (HTTP uses port 80). The TLS handshake negotiates cipher suites, exchanges keys, and establishes a secure session before any application data is sent. Modern browsers mark HTTP sites as "Not Secure." All websites handling any sensitive data (including login forms) must use HTTPS.