Please consider enabling TLS for the login/registration page. This would be a nice increase in security. Enabling HTTPS will help to prevent (but not completely stop) others from "sniffing" traffic. At least the login credentials would not be in clear text. As a network security admin I can tell you it is trivial to capture packets on a local network. Some people may not have the ability to be on a private network when logging into their account. If you sign in using a school network, the network at your place of work, or from the local coffee shop you could be exposing information that can be used to gain access to your account. I can only think of good reasons to enable TLS and only bad ones for not.

Cheers.