Please secure the login page!
It says that the old security certificate expired Sunday, April 29, 2018, 7:59 PM. We just registered and were planning to use this service. What's going on??
Joseph Montanaro commented
5 months later and this is still not secure. The whole site is perfectly navigable over HTTPS, so as far as I can tell there's no reason not to institute a global HTTPS redirect. Should take no time at all. You do realize, right, that if someone logs into your site on a public wifi network via the unsecured login page, anybody else on that network could have pulled their password out of the network traffic?