The risk of personal damage when using this site from man-in-the-middle interception of the data we process here is something everyone should personally assess. A few pointers:
- You should not be using a password here for login that you use anywhere else. Period. Use a unique one you don't use elsewhere.
- SSL protects data in transit only, so it's good for when you're accessing the site over an untrusted network (like Starbucks, public wifi, etc).
- SSL does not protect data at rest. The passwords here are encrypted in the database, but posts, etc, are not.
- Having a VPN solution for when you are doing anything on an untrusted network is cheaper than an SSL cert, and would protect you with everything. It would not stop web browser warnings, but your data would be protected anyway. That is the way to go if you have specific concerns.