It’s about assurance. It’s about establishing a degree of trust in a site’s legitimacy that’s sufficient for you to confidently transmit and receive data with the knowledge that it’s reaching its intended destination without being intercepted or manipulated in the process. Last week I wrote a (slightly) tongue-in-cheek post about the Who’s who of bad password practices. I was critical of a number
![SSL is not about encryption](https://cdn-ak-scissors.b.st-hatena.com/image/square/490025ad4dfefb483a0faf7460967e2bf5072d3a/height=288;version=1;width=512/https%3A%2F%2Fwww.troyhunt.com%2Fcontent%2Fimages%2F2016%2F02%2F992991image3.png)