As described in viewtopic.php?f=2&t=4178 , the site supports https.
However, it defaults to http! This means that anyone who just enters the domain without explictly stating https will connect over an insecure connection, which means that anyone on the same network is able to read what you're doing here. Given the content of this site, this is quite undesirable. It would also allow them to read your password, and most people reuse those wuite a bit, so that's quite bad as well.
Is there any chance you could prevent the casual user from making this mistake by simply redirecting all http requests to https, like most websites do nowadays?