In modern web development, you should be using
https. There are no excuses not to use it. All hosts should be providing the free letsencrypt certificates as a minimum.
Additionally, your entire site should be secured. Don't secure only WP Admin, the frontend should be secured too.
Failure to do this can bring legal risks, SEO penalties, and security risks to both you and your customers.
This is a major red flag, and irresponsible, you should change hosting provider. Lots of good alternatives for hostng WordPress exist that provide free certificates and installation, ranging from the lowest prices to enterprise grade providers.