Why? Usernames and passwords are transmitted to the server in plain text. And this isn't a tech savvy crowd, most of them probably use the same creds everywhere. Not to mention protection from man-in-the-middle attacks and SEO increases with Google.

http://stackoverflow.com/a/282837/1162683

https://support.google.com/webmasters/answer/6073543?hl=en

Good point penner!

You need to speak your "language" with Spink, he's our site guru. The rest of us are just dumb (not really) hunters. That all went in one ear and.......

You need to speak your "language" with Spink, he's our site guru. The rest of us are just dumb (not really) hunters. That all went in one ear and.......

Ask Spink to raise stink about why when you log into HBC your username and password are not encrypted, like it is everywhere else.
Go to any other website where you have to enter your password and you will see HTTPS at the beginning of the web address.
On HBC it's HTTP.
HTTP(S) stands for (Secure).
So every hacker apprentice can figure out your username and password.
There is a reason why we have so many hack attempts.
Never dawned on me to look.

An SSL will do absolutely nothing for those who don't practice good password security already. As for the SEO benefits it's a very weak signal and would serve ecommerce sites much better then a forum looking for a rank boost. For the cost it's too cheap not too go https:// but let's be real on the benefits and security as it will not save people with bad security practices already.

VBulletin sites are commonly attacked with brute force dictionary attacks against lists of common usernames (millions of them). Some people feel as though they were singled out and someone is hacking their account, not likely... You've just got a username that exists on many other (of the millions) of forums on the web and it's been compiled into a list. Once they get your username then they (malicious users) do dictionary attacks against your password to hopefully gain access. attacks like this can occur in seconds but most hosts including LiquidWeb who HBC hosts with can provide protection against these type of brute force attempts.

If you access HBC from public wifi connections (starbucks) then you're more at risk to get your passwords scraped then someone sitting at their desktop or using a secured connection already.

An SSL will do absolutely nothing for those who don't practice good password security already.

That's the wrong mindset. The reality is most people have bad password security and websites need to do everything they can.

I agree it's a weak signal for SEO but I was trying make it appealing to whomever was going to pull the trigger on it... A little idea marketing never hurts...But not an outright lie like you make it sound
http://googlewebmastercentral.blogspot.com/2014/08/https-as-ranking-signal.html


If you access HBC from public wifi connections (starbucks)

My connection to HBC hits 13 routers on the way to the server, most of them in Muria, and I don't trust them. Don't even trust my own ISP, just takes one bad employee, or compromised router.