So it looks like I've been forgetting a lot of my passwords recently. After yesterday's issue with delicious submitting passwords in the clear, today I have a problem with livemocha.com.
As before, their login page is properly secured, but the password reset page is over HTTP:
This is the password reset page:
And this is the URL the passwords are POSTed to, in clear text:
I've gotten in touch with them via their online form. Let's hope they respond.