We have to secure all the data of our users, not only registration, checkout and login. We need to secure the session data too. SSL Everywhere or HTTP Strict Transport Security (I hope) Everyone knows, that it is important to secure (read as encrypt)