Use HTTPS When Login To Social Websites

Everyday, I will login into my Facebook account to check the updates from my friends and also to reply their comments. But at the Facebook login page, I always change the protocol from HTTP to HTTPS (also known as Hyper Text Transfer Protocol with Secure Socket Layer) before I login. This is to ensure when I clicked the submit button, my username and password transmitted across the network to the Facebook server are secured.

facebook pki-01
Use HTTPS instead of HTTP

Why is it important to login using HTTPS instead of HTTP? From what I know, when you browsing using HTTP, the data sending from your browser to the server is not encrypted. A hacker with his knowledge and skills will able to capture the packets and can read the data as plain text.

But when using HTTPS, the data will be encrypted with the server public key and only the server can decrypt back the data with its own private key. So, even though a hacker can captures your packets but he will not able to interpret the data because he don’t have the private key to decrypt it.

facebook pki-02
Facebook 1024 bits Public Key

Normally, online shopping and online banking websites such as Maybank2U using this protocol as default to ensure the security of their customer login information. Like Maybank2U, it using 1024 bits key length for the public key and private key same like with Facebook.

If you want to know more about how the public and private key work, how to generate public and private key, you can google for public key infrastructure. This was my project topic during my final year in UTM. It is very interesting and I really recommend you to read it.