How about not sending our login information over Plain Text?
How about not blocking my Twitter when I tweeted at Tupper about this major security issue?
Before anyone says I violated ToS to get this information:
This can easily be seen through any sort of network packet management software.
Specially those designed to inform you when your information is being sent in an insecure way.