Just ran SmartSniff (a packet sniffer) on my computer, and then logged in to animeforum.com and then looked at the recorded HTTP packets. Here's the payload of the HTTP POST packet (from my login) that it recorded:

vb_login_username=animedude5555&vb_login_password= ******&vb_login_password_hint=Password&cookieuser= 1&s=&securitytoken=guest&do=login&vb_login_md5pass word=&vb_login_md5password_utf=
Notice the variable vb_login_password, and notice the asterisks after the equals-sign. I put those asterisks there when posting this thread to the forum, because in its original form it contained my actual password in PLAIN TEXT! My password was NOT encrypted! What the crap?! ANYBODY who had tapped my cable internet line could have intercepted this and gotten my password! And I also use it as the login password for one of my several GMail accounts! You guys trying to get me hacked or something?!

I know your forum uses HTTP instead of encrypted HTTPS, but that doesn't mean you have to leave the security sucking. You could still make sure that the password field in your forum's software is encrypted. I mean, you could use an encryption algorithm in a PHP script (for server side) and in Javascript (for client side). There's NO EXCUSE, in the modern era of computing, that a password is literally visible to ANYBODY who has managed to eavesdrop on the network packets. That is INEXCUSABLE! I don't know who actually owns the server that animeforum.com is running on, but they need to hire a network technician to implement some form of encryption on the communications link, or hire somebody who knows how to implement encryption on webpages and online scripts to implement encryption in this forum's software.