THe second URL isn't really very applicable, and the first describes a process of getting a certificate signed by a Certificate Authority that was bought by another CA that is known to sign bogus certificates and consequently *both* of the CAs are no longer trusted by Chrome, Mozilla, or Safari.
But none of that matters when the password is sent over the internet in plaintext.passwords are not stored plain text, they're md5 encrypted with unique double salts but we are working on updating to SSL
It's not just a setting to turn on. You need an SSL certificate. Which costs a couple hundred bucks a year. Which needs a verifiable issuing organization. Which means you need to have a business presence, which means you need at least an LLC incorporation. Which means filing a non-zero amount of paperwork with various government agencies, all of whom want time and/or money to make things happen. Could it be done in three weeks? Sure, with enough money thrown at the problem. Less money means taking more time. "Free" SSL certs have other requirements that maybe can't be met in a hosted environment.lol three weeks later..
Yep, I use Let's Encrypt for my sites. The only downside is that it's a little cumbersome to set up initially, and you have to renew them every 3 months (instead of every so many years like paid-for certs), but it does provide trusted certificates to allow anybody to use HTTPS.That used to be the case. There are now free SSL cert services out there. Our company has made use of that for thousands of domain and sub-domains.