Hypertext Transfer Protocol Secure (HTTPS) is an extension of the Hypertext Transfer Protocol (HTTP). It is basically just HTTP but over a secure connection.HTTPS gives us identity,encryption and integrity.So what that means is,if you type https.google.com into a web browser,you can be sure you're talking to the real google.com and not some fake google.com. Also,means no attacker on the network can actually see or modify any of the traffic. The web now the Geo-location API,which means that sites can see where you live,where you work maybe where your doctor is,or where your kids go to school.HTTPS gives us this guarantee that we really want our information to be private between ourselves and the site we trust.You also need to trust that public key cryptography and signature works. HTTPS has been around for quite a long time.But for many years,it actually was very expensive and very slow and really hands-on and confusing to set up HTTPS. It is now cheap and easy to set up. There is a HTTPS Transparency Report where you see the usage is increasing over the recent years with more people tending to be aware.[Check it out] The is a web UI for connection security.[See more about it;it is the letter i inside a circle(lame drawing explanation)] HTTPS is required for web APIs that are very powerful foe example Service Workers,Get user media and Geo-location.The HTTP/2 also is used. Adoption of HTTPS is not at 100% and might not be per say. There is something called Certificate Authority that is given by trusted providers like google Certificate Authority.A key pair is given that is the private key and a public key.You do a certificate signing request created with a key or the is Self-signed certificate(You have your own app;create a signing request to it an create a pair key.) Note: Migrating your website to HTTPS is not easy as just putting S on the end of the name of the website i.e HTTP and also not as easy as getting a security certificate. *You actually have to look and make sure that all of the services that your site depends on also support HTTPS for example large,complex sites might depend on many ad networks,maybe analytics providers.And so sites have to sort of take an inventory to first see,what are all of these third-party dependencies that i have?And then,do they actually support HTTPS?If they don't,they might have to go out there and actually convince them to start supporting HTTPS.It can be sort of a project management-type project,as well,to make sure that you've sort of done spring cleaning on the whole site.