When should we expect the eaaforum.org site to become a secure site, using https rather than http? Especially since we need to input a password to access it.

Browsers are starting to block insecure websites - there's no excuse for having an insecure website that needs passwords to access.