SSL provides several levels of security:
When establishing a connection to an SSL-enabled server, the server authenticates itself—proves that it is the server you intended to contact—and an encrypted SSL session begins before any data is transmitted.
Once the SSL session is established, user name and password are transmitted over a secure, encrypted connection.
A comparison of the server certificate’s digital signature can determine if any information received from the server was modified in transit.