Originally Posted by jackal

Most every other site that asks me to submit a password has at least an encrypted login screen (if the entire site isn't encrypted), whether it's banking, email, or even Facebook. I'm hard-pressed to think of another site I use with any regularity that presents a possible threat of sniffing my password in [almost] clear-text.

It is extremely dangerous for you to tell people "don't worry, that coffee shop network you're using is probably secure." You should never assume that. Always treat browsing the Internet in a public place as if someone is looking over your shoulder at all times. I think you need to have a serious talk with your product people and rethink your entire company's approach to security. The lackadaisical attitude I'm seeing towards it is not very comforting to me.