When you connect to a web server, the information you send to it is normally transferred as plain text, and as such it is potentially readable by anyone it passes on its journey. To secure your data, you should only send sensitive information where the web page is secure-where the information you send will be encrypted. You can check whether a page on a server is protected in this way by looking at the padlock icon in the URL address bar of Firefox (or bottom right in Internet Explorer). If the padlock is closed, then the page is encrypted. If it is open, or if there's no icon at all, then data will be sent in plain text, unencrypted.