You really have no excuse not to be using SSL on your websites. Your host also has no excuse not to provide you with SSL, if you have requested it because there is a FREE SSL certificate system called https://letsencrypt.org/
So how have things changed?
- SSL sites using an encrypted connection between the user and the web server. This means that information, such as form data – including payment information cannot be simply read by anyone seeing the data on its way between the two ends of the connection.
- SSL was mandatory for the Credit Card Processors, but in a push by Google to improve privacy, it will now warn users when connections are not secure with SSL. Other browser manufacturers are going to follow suit so they don’t look bad in comparison. However, that now means all sites need to go SSL to avoid the privacy and security warnings.
- Over a year ago a non-profit company was started up called letsencrypt.org. They can provide generic SSL certificates and have software which integrates with most hosting providers. All their services are free and therefore all the major hosting companies are passing on this feature to their customers for free. That means there is no reason why you should not take up the offer and go SSL for your website too.
- This does not mean the death of paid SSL services. There is still a need for major players to set up SSL Specific certificates issued just for their company, or even just one website, which then adds the owner information and certificates the connection. So, when going to any major site you should not just see secure in your browser, but have access to the connection information of the site.
- Google is also reported to be giving SSL sites an advantage in its search listing algorithm with better rankings.