HTTPS, which uses SSL, provides identity verification and security, so you know you’re connected to the correct website and no one can eavesdrop on you. That’s the theory, anyway. In practice, SSL on the web is kind of a mess.
This doesn’t mean that HTTPS and SSL encryption are worthless, as they’re definitely much better than using unencrypted HTTP connections. Even in a worst case scenario, a compromised HTTPS connection will only be as insecure as an HTTP connection.
