I went through the process of changing password just now, because i forgot my password (it has been a while since i came to this site). During this process, i went through the steps of
Getting an email generated by server, so that i get the password reset link sent to me.
Click on the link to reset my password.
Type in new password that was accepted by website.
During this process, i noticed that firefox warned me that the "Communication with website was not secure" - then i saw that this process does not use HTTPS, and hence password that send as my new one, is in clear text, and hence the whole security is compromised. This should be changed so that password resets (and logins) use secure protocol throughout the process.
Getting an email generated by server, so that i get the password reset link sent to me.
Click on the link to reset my password.
Type in new password that was accepted by website.
During this process, i noticed that firefox warned me that the "Communication with website was not secure" - then i saw that this process does not use HTTPS, and hence password that send as my new one, is in clear text, and hence the whole security is compromised. This should be changed so that password resets (and logins) use secure protocol throughout the process.