I am wondering how to securely build a sign in application through a modal window. Is it possible to make a modal window secure? I have two examples of what I am talking about:
1) www.ae.com - they have a sign in section on their header - not SSL on page with modal window.
2) www.wamu.com - they also have a sign in section on their header - have SSL on page with modal window.
Are these both secure? Or just one over another? Could you please help us understand the necessary steps to make sure our sign in application is secure? Any information on this subject would be greatly appreciated.