security: http login page should redirect to https! please.
The login page should use SSL/TLS certs to encrypt data in transit between the browser and Old Reader's servers. HTTP version should redirect to SSL/TLS site. Ideally all of the traffic to the app would be encrypted, but a bare minimum should be the login page.