Idea: HTTPS. As far as I know, it's free these days, thanks to Let's Encrypt.
That actually is on our list of suggestions
Most excellent. As far as I'm concerned, the lack of HTTPS is a big sign of unprofessionalism for a site that handles sensitive data (e.g. passwords). It's understandable for an old site like this because I guess the importance of encryption wasn't as well known back then, but these days, not having it is inexcusable for any modern site.
I also forgot to mention this in a hurry while writing the previous post, but this whole 'something happening' thing is awesome! It's great to have someone (or, in this case, lots of people) take care of the site.