Hello, new here, thanks for the great space 
I noticed a few mentions of enabling HTTPS ( Tilt Forums not working on latest Firefox for Windows , Tiltforums.com comes up as not secure ) but it appears it was never implemented. I just wanted to ask why that was and as a Software Engineer and System Admin offer assistance in any way (for this or anything else) 
honestly it’s pretty egregious that it hasn’t been done by now… i know nobody is getting paid much if anything to maintain this site but secure login is like step one of setting up a website.
Ran a WHOIS check and saw that this is running in DigitalOcean. If they also manage the domain name, it should be pretty simple to enable a Let’s Encrypt cert.
As another sidenote, I recommend as a general best practice to use a randomized password for all of your website logins regardless of TLS. As far as password managers are concerned, I highly recommend Bitwarden.
I guess I will never understand why every damn thing on the internet needs to be https.
That’s the least of my concerns about the modern web… as far as something that looks like a viable alternative - Gemini: https://news.ycombinator.com/item?id=23042424
Maybe for the same reason people put letters in envelopes instead of sending postcards?
Because many of your users rely on untrusted networks for connectivity, and really dont like being subject to javascript injections while connected to hotel, coffee shop, airline, and pub networks.
because it’s trivial to implement and prevents man-in-the-middle attacks?
we can you run let’s encrypt on an JJP pin?