Using HTTPS adds another layer of security to your web browsing. It protects you from eavesdroppers sniffing the network you’re on with a tool like Wireshark, or from bad actors who want to impersonate the site you’re on to tamper with its content or with any information you send to it. But trying to remember to type https:// for every website or link can be a lot of work. Luckily, you can install the HTTPS Everywhere extension for Chrome, Firefox, or Opera web browsers, which will allow you automatically default to HTTPS where it’s available.
HTTPS Everywhere is a collaboration between The Tor Project and the Electronic Frontier Foundation. Be aware that the software doesn’t protect you — everywhere on a website—only on the encrypted sections of websites that use HTTPS. For example, if a site you visit loads images over HTTP rather than HTTPS, it’s possible that an eavesdropper could figure out which site you’re accessing, which can leak details about locations you plan to visit, events you plan to attend, and other personal information. Even with HTTPS, they may still be able to determine which main sites you visit–just not the specific sections of the sites you’re spending time on. But online security should be viewed as a continuum, and using this plug-in can certainly help.
Yael Grauer is a freelance tech journalist covering online privacy and surveillance for WIRED, Forbes, Slate, and other publications. Find her at http://yaelwrites.com or on Twitter @yaelwrites, and check out her free ebook on staying safer online at https://yaelwrites.com/saferonline.pdf.
Check out more digital hygiene tips:
- Removing public data
- Privacy protection on domain names
- Https everywhere
- Anonymous “Tor” cloak or VPN
- Prepare for a DDos attack
- Two-step verification
- Privacy plug-ins/cookies
- Third-party permissions
- Image “hidden pixels”
- Links and attachments
- Install patches and updates
- Use a password manager/strong password
- Strengthen security questions
- Encrypt hard drive/backup data
- Click to play
- Use end-to-end encryption