Any thought of running the DU login through a https secure connection?
Logins seem plain http. Or are you encoding passwords before they go out? Because as it is, I don't see https on the login page, and anyone with Wireshark or some similar network sniffer could snag it.
1. I have no idea if the Admins are contemplating a more secure login...
... but I do know that currently usernames & passwords are transmitted without any encoding - which means it is entirely possible for someone to get your password if they are monitoring your internet connection.
It is highly recommended that everyone use a unique password for DU. Do not reuse the same password you use for other websites (e.g. your bank's website, paypal, etc.). If someone were to get your DU password (which is possible), they would then also have your password to any other account that uses that same password.
"We see what we want to believe" - Robert McNamara, The Fog of War