Encryption is a way of modifying data so that it cannot be understood by anyone who is not an intended recipient.
There are two basic types of encryption: symmetric and asymmetric.
Symmetric means that one key is used to both encrypt and decrypt the data.
Asymmetric means that one key is used to encrypt the data and a different key is required to decrypt it.
With symmetric key encryption, you can use a password to encrypt data and send it to someone. Nobody without the password can decrypt the data unless something goes wrong. Things can go wrong, the most common being that the password is not long enough to keep a computer from guessing it. To make it harder for computers to guess the password, the process can be repeated many times, so that for every single guess the computer has to run it over and over before it finds out whether that guess was right. This doesn't provide a tremendous amount of extra security, since the decryption that is supposed to happen also takes a lot longer. If it takes three seconds for your computer to decrypt a file, then a supercomputer can do the same thing a million times as fast. For day-to-day work, three seconds is acceptable to you, but choosing a very difficult-to-guess key is important so that a usable delay is enough to keep a supercomputer from trying enough combinations to luck onto it.
When encrypting something with symmetric encryption, it is also somewhat important to know what algorithm is being used. Some techniques were good enough twenty years ago that it would have taken supercomputers years to guess all the possible passwords, but they are now a matter of hours for a common desktop. The standard that I recommend people try to always use is AES. It is considered to be sufficient for top secret document encryption by the government because, with a sufficiently complex key (or password), even the fastest computers in the world cannot go through all the possible combinations in several lifetimes.
The practical application is to use WinZip or 7-Zip (free) or WinRAR or whatever compression tool you have to do the encryption for you. This is generally an easy option to select, or the default, so all the person doing the encryption needs to do is pick a strong password, right-click the target file and choose to encrypt from the menu.
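As an added example (not from the original article), the Python sketch below carries the two paragraphs above through with the article's own figures: three seconds per guess on your machine and an attacker a million times as fast. PBKDF2-HMAC-SHA256 stands in for "doing the process many times"; the password classes, the iteration count and the function names are assumptions chosen for illustration.

```python
import hashlib
import math
import os

SECONDS_PER_YEAR = 365.25 * 24 * 3600

def stretch(password: str, salt: bytes, iterations: int) -> bytes:
    """Derive a 256-bit key (AES-256 sized) by repeating HMAC-SHA256
    `iterations` times. Every guess has to pay this same cost."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                               salt, iterations, dklen=32)

def keyspace(alphabet_size: int, length: int) -> int:
    """Number of possible passwords of exactly `length` characters."""
    return alphabet_size ** length

def years_to_exhaust(guesses: int, seconds_per_guess: float = 3.0,
                     attacker_speedup: float = 1_000_000) -> float:
    """Years for the attacker to try every password, given the delay one
    guess costs on your machine and how much faster the attacker is."""
    return guesses * seconds_per_guess / attacker_speedup / SECONDS_PER_YEAR

# Constructed password classes (assumptions, not from the article).
POLICIES = [
    ("8 lowercase letters", 26, 8),
    ("8 printable ASCII", 94, 8),
    ("12 printable ASCII", 94, 12),
    ("16 printable ASCII", 94, 16),
]

def report(seconds_per_guess: float = 3.0, attacker_speedup: float = 1_000_000):
    """Return (label, bits of entropy, years to exhaust) per password class."""
    rows = []
    for label, alphabet, length in POLICIES:
        n = keyspace(alphabet, length)
        years = years_to_exhaust(n, seconds_per_guess, attacker_speedup)
        rows.append((label, math.log2(n), years))
    return rows

if __name__ == "__main__":
    salt = os.urandom(16)  # random salt, stored next to the ciphertext
    key = stretch("constructed example passphrase", salt, 200_000)
    print("derived key:", len(key) * 8, "bits")
    for label, bits, years in report():
        print(f"{label:22s} {bits:6.1f} bits  {years:12.3g} years")
```

With the article's numbers, the same three-second delay protects eight lowercase letters for about a week but sixteen printable characters for far longer than several lifetimes, which is why the choice of password matters more than the delay.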
With asymmetric encryption, you and the recipient have to exchange the keys that the other will need for the encryption step. You give the sender a public key and the sender can send you encrypted messages. If the sender gives you a public key, then you can send an encrypted message back. It's called asymmetric because the symmetry of being able to encrypt and decrypt with the same information doesn't apply.
This asymmetric encryption works because of math.
This is the basis for encryption on secure websites. Your computer needs to know that the website can be trusted, so it asks somebody it already trusts for the public key for the new website. Your computer uses that public key to send the new website an encrypted message, which only that website can decrypt. The website can then decrypt the message, proving to your computer that it is the website that can be trusted. Typically the message your computer sends is your own public key. When the new website finishes decrypting the secret message, it can use your public key to send a message back to you which only your computer can read.
Now that you can prove that the website is who it claims to be and send encrypted traffic to it, and the website can send encrypted traffic to you and neither can be decrypted by anyone else, you are ready to begin communication where both parties know they can trust each other and keep the traffic secure.
It should be noted that the website has no way to know that you are who you claim to be, because your public key is from your computer and not something it can verify. In order for you to change that, you'd have to use a key that it can verify by either publishing it somewhere that the website knows it can trust, or by you getting your private key from the website owner. This is possible and done for a few highly secured systems, but unusual. The bit of trust the website has to place in your computer is why you still have to provide a password when you're logging into secured sites like home banking sites.
It's worth noting that you can install gpg on Windows and use it to do asymmetric encryption. Here's what that looks like:
There are tools to simplify that process, of course; I just chose the most basic command line method.