Is ignorance !
Plz take a minute and read this:
The greater percentage of people will login to a http site. Especially if they use a lot of mobile hardware with screens small enough with outdated operating system/browser.
Whatever you do, whatever measurement you have taken, If someone finds an open wifi and wants to connect to site like facebook from his/her mobile device, he/shell will never check for a https connection. If there is a MAN-IN-THE-MIDDLE (proxy/dns spoof) people will connect to http://facebook.com on a private address like 192.168.2.5
So the effort should be on education and digital liberty. Cause people, will always choose the most free & easy use app Vs complex but secure.
Wednesday, March 12, 2014 - 14:24:51
In the meantime… https should be mandatory on websites that handle login requests and personal data.