Secure Login module was in need of a maintainer, so I decided to take it on.
What I like about Secure Login is that it's a small, simple module that makes it easy to enforce secure (SSL) logins on a Drupal site.
I've already committed a Drupal 7 version which could use testing and feedback.
One thing I did in the Drupal 7 port was remove the feature that allows redirecting to the insecure site after login. While this behavior is possible in Drupal 7, it's just not "secure" IMHO. What is the point of protecting the user's password from potential attackers but then immediately revealing the session cookie?
If there is a lot of demand for this "feature," even after the recent spate of publicity for Firesheep, I could implement it, but I'd probably do so in a optional side module, maybe called "Not So Secure Login" ;)
