PPRuNe Forums - View Single Post - HTTPS warnings on PPRuNe
Old 17th Mar 2017, 21:09
#6
jtt
Join Date: Feb 2006
Location: Berlin, Germany
Posts: 20
Originally Posted by Jhieminga
To me this campaign seems a bit excessive. I run a small website with a forum, but I too have been getting 'not secure' warnings when I log in to my own forum. Google is pushing for everyone to switch to https, but for me this is just not a real option. Why would I want to encrypt everything when all we're doing is talking about old aeroplanes? Security is very much in the hands of the user; if you don't use the same password for several sites, then the chances of something going wrong are very small.
But that's the fundamental problem! Many (most?) people do use the same password (or one with only minor and easy-to-guess modifications) for a lot of sites. You can preach to them until you're blue in the face; they'll still do it. And you can't really blame them - for the less technically inclined the topic is way beyond what they (want to) understand - many probably won't even be able to tell you if they're using a web browser or a locally installed application; it's just something where they memorized where to click. Thus they assume that, as long as it works, it must be ok and safe, otherwise they wouldn't be allowed to do it - it's the job of those who do the magic to get that right.

If your web page at least does not send the password out in the clear but only a hash of it (as PPRuNe seems to do), the risks are somewhat reduced (though all web sites using the same hash function will be accessible if the same password is used). But that's something Google and others can't know. It's a bit like with safety belts - most people only really started using them when they were forced to, not due to a rational weighing of risks versus inconveniences ;-)

Of course, the rest of the traffic to your web site is probably not really secret - it's the process of passing the credentials to it that is the clincher. To make that safe you need encryption - and when you already have that in place there's hardly a good reason not to use it also for the rest - that then comes at (nearly) zero costs and no additional work at all.

Is it really that much of a bother to encrypt the traffic from your web site? The biggest hurdle, for sure, is getting a certificate, but it's not that hard. And, at least with a run-of-the-mill web-server set-up, the rest is adding a few lines to the configuration file (in my case with Apache it was 6 lines for switching SSL on and pointing it to the certificate files, and 3 lines for redirecting all traffic from the HTTP to the HTTPS version of the site).

Best regards, Jens
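For readers wondering what the "few lines" in an Apache set-up look like, the following is an added example and not Jens's own configuration: the hostname forum.example.org, the document root and the certificate and key paths are placeholders to be replaced with your own. The first block is the HTTP-to-HTTPS redirect, the second switches SSL on and points Apache at the certificate files; the protocol floor and the Strict-Transport-Security header go slightly beyond the post, since a plain redirect still leaves the very first HTTP request unprotected.

```apache
# Plain-HTTP listener: its only job is to send every visitor to the HTTPS site.
<VirtualHost *:80>
    ServerName forum.example.org
    # Permanent (301) redirect of every request to the same path on HTTPS.
    Redirect permanent / https://forum.example.org/
</VirtualHost>

# The real site, served over TLS only.
<VirtualHost *:443>
    ServerName forum.example.org
    DocumentRoot /var/www/forum

    # Switch TLS on and point Apache at the certificate (with its chain) and private key.
    SSLEngine on
    SSLCertificateFile    /etc/ssl/certs/forum.example.org.fullchain.pem
    SSLCertificateKeyFile /etc/ssl/private/forum.example.org.key

    # Refuse SSLv3 and TLS 1.0/1.1; TLS 1.3 needs Apache 2.4.37+ with OpenSSL 1.1.1+.
    SSLProtocol -all +TLSv1.2 +TLSv1.3

    # HSTS: browsers that have seen this header go straight to HTTPS for a year,
    # so the unencrypted redirect above is only ever hit on the first visit.
    Header always set Strict-Transport-Security "max-age=31536000"
</VirtualHost>
```

This needs mod_ssl and mod_headers loaded (on Debian/Ubuntu: `a2enmod ssl headers`); run `apachectl configtest` before reloading so a typo in a path does not take the site down. Keep the private key file readable only by root, since the server reads it before dropping privileges.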