What is SSL

SSL is a secure, two-way encryption method that ensures that the two parties – the site visitor and the website itself – are the only ones participating in the conversation. The privacy of this conversation is ensured by a trusted, neutral third party – the Certificate Authority (CA).

The website owner acquires an SSL certificate from the CA. When a site visitor arrives at the site, a verification request is made to the CA as well. The CA sends back a confirmation at the same time, verifying that the certificate presented by that website is valid. The visitor’s browser and the website then share a special encryption key with each other so that the data bits flying back and forth between them cannot be read by anyone else.

This is especially important when users are entering passwords or personal information on a site. It is those bits of data containing sensitive information that the bad guys of the internet want to get their hands on.

Implementing SSL is easier and less expensive than ever before. There are even new, community-supported projects offering SSL certificates at little or no cost – we wrote about one of those in our last blog post. Surprisingly, the majority of websites still have not implemented this most basic security measure. Many more have not fully implemented SSL, or have done so improperly. Proper SSL implementation is the starting point for website security best practice, but it is not enough.