Yeah, let me help.
Our site is using http, not https. So...when you log into the forums...your password is sent in plain text to log in...therefore, if someone were tracing your keystrokes (its called a keystroke logger/keylogger/logger) or looking at your network traffic...your password to the forums would be exposed. Http is older technology and not secure, https encrypts the traffic and is scrambled (ie, more secure).
All that is typically fine since we're just a boating site. Where it gets you into trouble is IF you use the same password for multiple sites.
SO..here's a very simple rule. When you're logging into the forums here, your password to this site needs to be unique to only this site.
Since its plain text, a complex password is better to prevent a hack, but if your keystrokes are being logged, that won't really matter. (though better, random is always better)
Implementing https is a bit more complicated (and costs money)...hopefully we'll get it implemented someday, but until then, best to be safe. (We do keep up to date on security patches for the forums btw, but http isn't the highest level.)
Follow this one rule: Use a password unique to this site, and this site only. That way...if someone does get your password to this site, the damage is only to this site.
Thanks guys!
(that's why Chrome says 'Not Secure' in red in the URL)