Please secure the login page!
I have sent this over to the Developer. Thanks! Brittany
Joseph Montanaro commented
5 months later and this is still not secure. The whole site is perfectly navigable over HTTPS, so as far as I can tell there's no reason not to institute a global HTTPS redirect. Should take no time at all. You do realize, right, that if someone logs into your site on a public wifi network via the unsecured login page, anybody else on that network could have pulled their password out of the network traffic?