Hello everyone, kava here, this is my first post and I'd like to point out that on my first login I was not cautious to check and logged in over HTTP instead of HTTPS. I have changed my password and added a rule to my local HTTPS Everywhere Firefox plugin, but to solve the problem at root I hope the forum enables HSTS. I suspect I am not the last one logging in over HTTP, so if you have I highly recommend you change your password.

General password hygiene:

1. Use a password manager such as KeePassXC (I haven't yet tested Obarun. Does it work on Obarun?)
2. Generate different passwords for different sites
3. Always connect with HTTPS