Though more than half of all websites now employ HTTPS encryption, there are still hundreds of thousands of sites that are still not secure. HTTPS Everywhere, which was developed by the Electronic Frontier Foundation (EFF), is a popular browser extension that makes any unsecured website immediately secure.
This simple add-on gives users an instant privacy boost by granting them another layer of protection while they browse the web.
Unfortunately, a growing number of users are starting to use HTTPS Everywhere and other browser extensions as a replacement for their antivirus software and/or other safety measures. In fact, there’s a common misconception that using HTTPS Everywhere negates the need for a VPN (virtual private network). Unfortunately, this is not only false, it’s also dangerous.
How HTTPS and VPNs work
Before we talk about why a VPN should be used together with HTTPS Everywhere, let’s first take a minute to explain how both services work. When you visit a site that uses HTTPS, you can rest easy knowing the traffic between your device and the site you’re visiting is encrypted.
This means that any and all web traffic moving to and from this site is protected, so hackers, snoops, and other third parties aren’t able to see your network traffic. You can tell when you’re accessing an HTTPS-secured site by checking the little green padlock on the left side of your web address.
A VPN works in a similar way. When you connect to a secure VPN server, you’re able to take on another IP address in the city, state, or country of your choice. Because the VPN acts as a cloaking device, you’re able to hide your real location while assuming the IP of another.
Additionally, because network traffic passes through a secure VPN tunnel, all your data logs will be secure—regardless of the site you’re browsing or device you’re using. *Note that HTTPS Everywhere offers extensions for most web browsers (including Chrome, Firefox, and Opera), while most reputable VPN providers offer dedicated apps for most devices.
Why you should use a VPN in conjunction with HTTPS Everywhere
While HTTPS Everywhere offers a safer and more secure way to browse, a VPN essentially gives you the tools to surf safely and anonymously. What’s more, a VPN lets you access sites and services that may otherwise be blocked in your area— giving you an extra sense of freedom and accessibility.
HTTPS Everywhere is also able to help protect your network against Man-in-the-middle attacks by providing instant authentication for any web server. Likewise, most VPNs can safeguard your network from DDoS attacks by securing your network and keeping your connection stable and reliable.
So, in truth, both services work together to create a more well-rounded and secure web browsing experience. While HTTPS Everywhere encrypts the information you enter on any website, a VPN will encrypt communications between your computer and the VPN servers. In short, this essentially means that a VPN encrypts your connection, while HTTPS encrypts your actions.
Instead of opting to use one safety measure over another, it’s best to foster a more well-rounded online experience by using both at the same time.