Regular readers may remember an earlier post when I took WordPress to task for bad security practices (Matt dropped by to defend himself). Whelp, fear no more, gentle reader, they have fixed their major glaring horriblenesses:
Click on Edit Profile in the My Account menu of your dashboard and you’ll see a new field called Browser Connection. There, you can opt to “Always use HTTPS when visiting administration pages.” Click Update Profile to save the change, and you’ll be logged out. Sign back in, and you’re rolling with SSL, which encrypts your connection and helps prevent data scavengers from stealing your password and other info.
If you keep your WordPress blog hosted at wordpress.com, DO THIS.