mikebeach.org
The importance of HTTPS login pages – Session hijacking fits in a pocket now
You should always prefer SSL-encrypted (HTTPS) login pages on sites over non-SSL (HTTP). Why? Session hijacking is why. First, let me [very briefly] explain the difference for the unfamiliar. SSL s…