In HTTPS, the communication protocol is encrypted using Transport Layer Security (TLS) or, formerly, Secure Sockets Layer (SSL)
My question is - having a simple html login form hosted on the HTTPS enabled server when the user enters the address starting https:// i’m i right that the browser automatically encrypts the login data (login and password) thus allowing for a secure communication (the browser sees the HTTPS as a protocol and understands that the data send HAVE to be encrypted)?
A user tries to access an HTTPS website using a web browser
The browser sends encrypted login data, so it’s the same hypertext format, with the same login credentials, but it’s codified with random characters to prevent intrusions
The server decrypts the message, then responds with the necessary site data, which the browser uses to display the visual site content to the user
With HTTPS, people can no longer snoop on that data. While they could still see that some type of data was moving between your web browser and the server, they wouldn’t be able to view the data itself because it’s encrypted. For example, instead of seeing your password, they’d just see a bunch of random text and numbers with no meaning.