Forum passwords sent in the clear?

[mojomonkey]

This site appears to not enable SSL, even for logging in? Makes it easy for a man-in-the-middle attack to steal accounts, inject content, etc. I'd prefer the entire site to be served SSL (and there really isn't good reason not to by now https://www.eff.org/encrypt-the-web).

Is this a known or recent bug?

 

[King Boonen]

I like my Sausage Sandwiches Layered too!

 

[mojomonkey]

Hmm. Surprised nobody is concerned with how easy it is to steal passwords/accounts for the forums. Hopefully nobody is reusing a password here and a more "important" site (good practice anyway).