Hi all,

I find it to be a bit of a shocker that not only is the log-in process not done over HTTPS -- schoolboy error, if I ever saw one -- but you do a simple MD5 of the password and send it along as part of the log-in procedure in clear text. The username is also in clear text.

<deleted>

Could you please sort it out ASAP? This should really not be happening in this day and age.