Webmonkey posted an interesting article on https vs. http. The premise of the article is based around why https isn’t being used more broadly across the web. Sites pretty much run https for purchases and high-level information, but not so much for login pages. Those that do, like facebook, don’t force the https address–you have to make sure you type it in manually.
You may wonder why you should care. As long as you can log in, isn’t that the most important thing? You should care, because when you log in to any site and the address doesn’t start with https://, then it’s much easier for people to snag your user name and password.
Read the article: HTTPS Is More Secure, So Why Isn’t the Web Using It?