Why isn't the login page running over SSL?
Is just not that important that it be encrypted?
Seems fairly negligent to me...I feel like the old page app.campaignmonitor.com/login.aspx (or whatever it was) was forcing HTTPS.
Anyone have any ideas? I know MailChimp has a secure login page.
We actually never forced https (for performance reasons mostly), but you can right now login at the https:// version of your login URL, and be logged in as per normal.
Of course, all payment pages always use https for everyone.
Presumably the HTTPS version of the login URL is the non-custom domain URL?
Hi Playlab, welcome to the forums! You can also use https with your custom domain for secure login, like so: https://yourdomain.createsend.com/