Conrad Irwin <conrad.irwin <at> gmail.com> writes:
There is no real massive load caused by https at runtime. There is however a significant chunk of developer and sysadmin time needed to implement this and make it work.
Secure login in itself shouldn't require reconfiguration of the SSL architecture, though. The login form could simply redirect to a page on the secure server, and use the image cookie method already in use for global logins. That would take care of password stealing without requiring extensive configuration or development efforts, and cookie stealing in itself is not that much of an issue: only admin sessions are worth stealing, and the chances of an attacker happening to be next to an admin on open wifi are very small. (Sure, it would be better to provide a decent https interface and require them to use it, because script injection is not a good thing, but apparently it won't happen anytime soon, and we shouldn't hold back on implementing secure login because of that.)
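The design sketched in the reply above, modelled as an added example (not MediaWiki code and not the poster's own): a login form requested over plain HTTP redirects to the TLS host, so the password is only ever posted over https, while the session cookie that comes back is still sent over plain HTTP unless it carries the Secure attribute. That is exactly the split the message draws between password stealing (fixed by the redirect) and cookie stealing (not fixed by it). The hostnames, the user table and the cookie names are constructed for the example.

```python
"""Login-over-TLS redirect versus session-cookie exposure (added example).

Assumptions: `secure.example.org` is an https-only host, `en.example.org`
serves plain http, and the single user `alice` is a constructed test
account. The hashing, redirect and cookie rules are standard; nothing
here is taken from MediaWiki's actual login code.
"""
import hashlib
import hmac
import os
import secrets
from dataclasses import dataclass, field

SECURE_HOST = "secure.example.org"  # assumed TLS-only login host

# Constructed user table: password stored as salted PBKDF2, never in clear.
_SALT = os.urandom(16)
USERS = {
    "alice": (_SALT, hashlib.pbkdf2_hmac("sha256", b"correct horse", _SALT, 100_000)),
}


@dataclass
class Request:
    scheme: str                 # "http" or "https"
    host: str
    path: str
    method: str = "GET"
    form: dict = field(default_factory=dict)


@dataclass
class Response:
    status: int
    headers: dict = field(default_factory=dict)
    body: str = ""


def check_password(user, password) -> bool:
    """Constant-time comparison against the stored PBKDF2 digest."""
    if user not in USERS or password is None:
        return False
    salt, digest = USERS[user]
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
    return hmac.compare_digest(candidate, digest)


def set_cookie_header(name, value, secure, httponly=True) -> str:
    """Build a Set-Cookie value; Secure restricts it to https requests."""
    parts = [f"{name}={value}", "Path=/"]
    if secure:
        parts.append("Secure")
    if httponly:
        parts.append("HttpOnly")
    return "; ".join(parts)


def login_handler(req: Request, secure_cookie: bool = True) -> Response:
    """Serve and process the login form only over TLS; redirect otherwise."""
    if req.scheme != "https":
        # The form is never shown over plain http, so the password
        # cannot be posted in clear: bounce to the same path on the TLS host.
        return Response(302, {"Location": f"https://{SECURE_HOST}{req.path}"})
    if req.method != "POST":
        return Response(200, body="<form method=post>...</form>")
    if not check_password(req.form.get("user"), req.form.get("password")):
        return Response(401, body="bad login")
    session_id = secrets.token_hex(16)
    header = set_cookie_header("session", session_id, secure=secure_cookie)
    return Response(200, {"Set-Cookie": header}, "logged in")


def browser_sends(set_cookie: str, scheme: str) -> bool:
    """Model the browser rule: a Secure cookie is attached on https only."""
    _, *attrs = [p.strip() for p in set_cookie.split(";")]
    flags = {a.lower() for a in attrs if "=" not in a}
    return scheme == "https" or "secure" not in flags


if __name__ == "__main__":
    print(login_handler(Request("http", "en.example.org", "/login")))
    ok = login_handler(Request("https", SECURE_HOST, "/login", "POST",
                               {"user": "alice", "password": "correct horse"}))
    print(ok.headers["Set-Cookie"], "sent over http?",
          browser_sends(ok.headers["Set-Cookie"], "http"))
```

Running `login_handler` with `secure_cookie=False` reproduces the situation the message accepts as tolerable: the login itself is protected, but `browser_sends(..., "http")` returns True, so the session cookie travels in clear on every later plain-HTTP page view and can be read by anyone on the same open network.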