Is there no way to login using TLS encryption? I would have thought that would have been one of the first fixes after the break-in this fall. Am I missing something? As an aside, I ran a high volume website for many years for a major university and the one thing that blocked most attacks was forcing TLS/SSL connections for all pages, not just logins. With modern CPU's there was very little performance hit and we could see the script kiddie attacks bounce right off of us in our logs.