Well, the other problem is that when you log in, the password you enter (and I'm assuming the account name as well), is sent in clear text on the wire.

Anyone "listening" between your browser and the login server can get anyone's account info very easily...

I did post this in the "suggestions" forum (i.e. the suggestion being to encrypt the login info) as well but it went unresponded to.