HTTPS is a protocol that allows to transmit/receive data related to HTTP traffic (so about web surfing) in an encrypted way.
The most common use is the authentication on web sites; this allow the login to be secure.
Many sites/online services uses it, even if various not by default (eg. Facebook, Twitter and Google); generally you just should add and “s” to the normal address you know, so the address will be https://
If you don’t want do it manually there are useful browser extensions.
HTTPS Everywhere for popular browsers (Mozilla Firefox, Google Chrome, etc…).
The following Youtube video shows better the difference between the 2 protocols:
[youtube 9n6b2tco3-8]
As you can see the authentication data using HTTP are passed in clear so it’s dangerous because they can be easily sniffed (captured) from hackers with specific programs (eg. the well known Wireshark) whereas the data passed with HTTPS protocol are in encrypted form.
It’s a best practice that all sites/services use HTTPS protocolo for sensible data, when will not possible for various reasons (eg. the web hosting doesn’t support it) webmasters can use 3rd party solutions like OpenID that over providing security it also allow to have a unique login to remember!
Another solution that is spreading widely is to adopt the login within social services like Facebook and Twitter.