As far as I can tell this forum only uses HTTP, and does not support HTTPS.
This means all information, including login passwords are transmitted as cleartext. (no encryption)
This is a somewhat of a security concern, if someone were to log in while using an open wifi network, a passive attacker could obtain their password, by eavesdropping the wifi traffic.
While hijacking someones psi4 forum account is probably not very serious, if someone also uses the same password on other sites, an attacker could do more nasty things.