secure login

Issue #610 resolved
Mahmoud Kassem
created an issue

Login to is not forced through https unless you use explicitly.

It would be better if the login form is submitted through https even if you are visiting and the default login page should redirect to https.

Also the change password form should be HTTPS by default. I suggest that the* is forced to