As you all know, your character names and passwords on this site are sent over the net in plain text as this domain does not utilize an SSL. This is fine if you don't use that password anywhere else and don't associate your character's names with sensitive real world accounts, and it's been this way for years since the site was created as far as I can tell. Not so much concern with a random kid running aircrack-ng as it is just for the sake of standard security and some peace of mind. If implementation is even possible and the time allowed, I would highly recommend looking into setting up an SSL. I know there are deterrents, though. It costs money and has to be manually installed correctly, which can be particularly daunting for non-profit organizations.
However, there is an SSL project that's been trending called Project Let's Encrypt. It's essentially a free SSL. It's not the first of its kind by any means, but the efforts in establishing credibility separates the project from the others. Setup is quick and intuitive as it's automated via their CertBot tool. The SSL expires every 30 days, and can be set up to renew automatically at no cost. There's no telling when this will last or when some significant flaw is found. I know a few companies that have given it a go and were surprised at the results, as well as some developers who attempted to challenge the service. Not all minor devices/browsers are yet compatible (Opera...). See full compatibility list.
Anyway, just a friendly note.
I'm in no way affiliated with the project, but I do endorse the idea of a free SSL, similarly to Open Source and Internet Privacy. While I believe CAs should be trusted organizations, I don't believe SSLs should be monetized.