SSL "the Hacker's enemy" !
NOT ALL HEROES WEAR CAP!
SSL IS ONE OF THEM
You might have heard about not to give your private info like Password, cc numbers etc etc on public computers or Public wifi because hackers have way to access them !
some methods to steal data are Packet Sniffing or ARP poisoning any many more ! if you want articles on these methods comment down below.
Secure Socket Layer (SSL)
Is the most widely used technology for creating a secure encrypted connection between webserver and webclient. or in simple words all the data transferred between your PC and Server is encrypted !
you must be familiar of http:// Protocols and https:// Protocols
http protocol is used for the standard communication with no encryption.
https protocol is used for secure communication with advanced encryption .
Cryptography
If two users want a secure connection they can use cryptography to establish it.
FOR EXAMPLE:
TFDVSF = Encrypted Text
SECURE = Decrypted text
You might be wondering how i decrypted it ! Here i used Algorithm=+ for communication and the key is "1" . so what comes after S , its T and what comes after E and C its F and D . so thats how i encrypted it.
So in real world if you are using a secure connection and if the hacker is sniffing between you and server then he would get the encrypted text. But as the hacker don't know the key so he can decrypt it
HTTP VS HTTPS |
You can understand the difference by seeing these two pics
you can see no encryption by using a simple sniffing hacker can have your password.
but in https password is encrypted even if hackers gets the password , it will take years to crack it !
HOW TO IMPLEMENT HTTPS ON YOUR SITE?
You can implement https on your site by purchasing a SSL certificate .
Website which use transfer of personal data like online transactions or logins! must get SSL cetificate.
HOW TO IDENTIFY A SECURE CONNECTION?
On CHROME or any explorer you will see a lock icon in the security status bar . you can click on that lock to check identity of site.
before making any online transaction check if the site is starting from https://.
HOPE it was helpful :-)
Comments
Post a Comment