top button

What is SSL and why is it not enough when it comes to encryption?

0 votes
posted Aug 28, 2017 by anonymous

Share this question
Facebook Share Button Twitter Share Button Google+ Share Button LinkedIn Share Button Multiple Social Share Button

1 Answer

0 votes

SSL stands for Secure Sockets Layer and, in short, it's the standard technology for keeping an internet connection secure and safeguarding any sensitive data that is being sent between two systems, preventing criminals from reading and modifying any information transferred, including potential personal details.

If SSL has not been properly implemented, some content on a site may NOT covered by the encryption expected. So even though the browser is indicating a secure connection, some of the interactions may not be secure or encrypted at all. There are also potential exploits that can endanger this data exchange. Examples include:

MIME mis-matches
Cross-site Scripting

All of these are well-known methods used by internet bad-actors to extract information being exchanged between websites and users. But all of these can be effectively defended against using a relatively simple website security best practices.

answer Mar 21, 2022 by Akash Deshbhratar