According to Google, security gives websites a small ranking signal within the overall system. Google also says that this signal only effects about 1% of global search queries, which obviously makes it less important than other 'heavyweights' such as quality content, backlinks etc. (which is logical as well).
But that doesn't mean that this signal should be ruled out. And Google admitted that they "may decide to strengthen" the signal so that more website owners are encouraged to switch from HTTP to HTTPS and keep everyone safe on the web.
A blog post from Google said;
Over the past few months we've been running tests taking into account whether sites use secure, encrypted connections as a signal in our search ranking algorithms. We've seen positive results, so we're starting to use HTTPS as a ranking signal.
Useful tipsShould you be concerned when switching from your HTTP to HTTPS site for SEO purposes? Not so much. Google has been telling webmasters it is safe to do so for years. But you need to take the proper steps to ensure your traffic doesn’t suffer. That means make sure to communicate to Google that you moved your site from HTTP to HTTPS. Google promises to release more documentation in the future, but for now has provided the following tips:
- Decide the kind of certificate you need: single, multi-domain, or wildcard certificate
- Use 2048-bit key certificates
- Use relative URLs for resources that reside on the same secure domain
- Use protocol relative URLs for all other domains
- Check out our site move article for more guidelines on how to change your website’s address
- Don’t block your HTTPS site from crawling using robots.txt
- Allow indexing of your pages by search engines where possible. Avoid the noindex robots meta tag.
If your website is already running on HTTPS, you can test its security level with the Qualys lab tool. Are you using HTTPS on your site?