May 9, 2011

Just A Second Before You Type Password




We can classify people into two categories. The types are...
  1. Ordinary Person
  2. Very Important Person (VIP)
There are so many differences between these two type of people. One of the difference is the type of vehicle they use. Ordinary person use ordinary car whereas VIP use bulletproof car.

Similarly in Internet, there are two types of data. The types are...
  1. Ordinary Data
  2. Sensitive Data (Password)
We are sending data from browser (client) to server via protocol. Let us consider protocol as a vehicle for data.  Now we should care about the vehicle which carries data.

Problem With Data

There is possibility to read our data while it travelling. We should not allow someone to read our data. Especially we need to restrict others to read our sensitive data.

Solution

Encryption is the solution for our problem. If we encrypt data then there is zero possibility to read.

For example, if we type password as 'SALT' then it will be encrypted as '@%$#'. Now it is impossible to read '@%$#'. Meantime receiver (Server) should decrypt '@%$#' as 'SALT'.

There are two common protocols used in Internet. The protocols are...
  1. HTTP
  2. HTTPS
The deference between HTTP and HTTPS is 'S'. 'S' stands for secure.


HTTP is like a ordinary car whereas HTTPS is like a bulletproof car. Normally data travel via HTTP. But we should allow our sensitive data via HTTPS alone.

HTTP and HTTPS

HTTP stands for Hyper Text Transfer Protocol.
HTTPS stands for Hyper Text Transfer Protocol Secure.


HTTP carries the data as it is typed by us. But, HTTPS first encrypt the data then it carries the encrypted data.


By default browser will display lock symbol on HTTPS enabled sites. Lock icon helps everyone to identify HTTPS sites. 

Most of the reputed sites login page already available on HTTPS. However make sure, you are typing password on HTTPS enabled sites only.