Adding SSL encryption would be nice, to protect the passwords. (There are cheap, and even free SSL certificates).

Another option would be Luke's idea (from the Eligius pool): http://forum.bitcoin.org/index.php?topic=6667.msg97375#msg97375
By using wallet addresses as a usernames, there's no need to protect the passwords.


I have a (totally unrelated) question:
When you hit the "Pay Me Now" button, are there any transaction fees? (like 0.01 BTC?)