What is the difference between HTTP and HTTPS?
Why Interviewers Ask This
This is a classic screening question for Networking roles. Hiring managers ask it early in interviews to gauge your baseline understanding and determine if you can communicate technical concepts clearly.
Answer
HTTP (HyperText Transfer Protocol) is the foundation of data communication on the Web — it transmits data in plaintext between a browser and a web server. Anyone intercepting the traffic (man-in-the-middle attack) can read or modify the data. HTTPS (HTTP Secure) encrypts the HTTP traffic using TLS (Transport Layer Security), previously SSL. TLS provides: encryption (data cannot be read in transit), authentication (SSL certificate proves the server is who it claims to be, issued by a Certificate Authority), and data integrity (tampered data is detected). HTTPS uses port 443; HTTP uses port 80. Since 2018, browsers mark all HTTP sites as "Not Secure." HTTPS is now the standard — nearly all websites and APIs use it. TLS 1.3 (current version) is faster and more secure than previous versions.
Pro Tip
If you're unsure about a detail, say so honestly and explain your reasoning. Interviewers respect candidates who can think through uncertainty rather than bluffing.