vbulliten (the software used for yoganandaji) hashes all passwords before submission. Anyone trying to snoop would only see the hash. Such is built into the software. Perhaps the software here is similar, I don't know - am not familiar with it. Encrypting the entire site when we collect no critical data (credit cards, etc) is overkill, methinks. SSLs are a lot cheaper now than they used to be, but I also believe in keeping it simple. :-).
The password is hashed when inserted into the database, but the encryption of the password from my machine to the server during login is not, as far as I can tell, if so, I would like to see proof.
SSL is simple as can be. I have had no issues, slowdowns, or any problem. Stealing an admin password would be an issue, for me anyways.
