Beyond that, there's really no excuse for not using SSL everywhere now. If a site has user data, or requires any sort of login, it should use SSL everywhere.