7-Step SEO Basics for Beginners: Go SSL
Once installed, SSL switches your unencrypted HTTP requests to HTTPS and activates the padlock symbol in the address bar. It makes third party hacking and hijacking of a user's connection much more difficult. The search engines prefer to send you to reputable secured sites than unsecured ones.
This now applies across the board and not just for e-commerce enabled sites with shopping carts. It doesn't matter that the site you're visiting doesn't sell anything or capture any personal data, plain HTTP sites are regarded as an attack vector to get into other information in the user's browser or worse. HTTPS is especially important over unencrypted Wi-Fi networks where anyone could attempt man-in-the-middle attacks.
HTTPS has been a confirmed Google ranking factor since 2014. Going HTTPS may not boost your ranking, but not doing so could see you demoted.
In fact, since July 2018, users on Google's own Chrome/Chromium web browser are presented a warning Your Site is Not Secured by HTTPS in the browser address bar.
Having started in September 2016 to mark non-secure pages containing password and credit card input fields as Not Secure in the URL bar, this applies to all non-SSL pages that ask for a password or credit card information. This includes simple WordPress password-protected pages.
Cost has been one reason why a website might not implement HTTPS, both to purchase a certificate and to pay a developer or web admin to install it. However, there are a couple of solutions to this.
The Let’s Encrypt initiative promoting the use of HTTPS issues basic certificates for free. Check with your hosting provider for SSL options to compare, you may not have a choice where to source an SSL certificate depending on your hosting contract. RC