1. Zope should integrate SSL.
2. All protected pages should be delivered only through SSL by default.
3. A fallback to use management and protected pages without SSL should be there, but it has to be enabled by hand.
That would eliminate many risks with little effort for non-hackers.
Having "native" SSL support in Zope surely would be a GOOD THING (tm). It just doesn't seem to be a very popular idea. I remember some previous threads about it on this list ...

But SSL wouldn't help with the password issue! Getting into an SSL-secured page by guessing the password isn't any harder than without SSL. The only advantage is that the password cannot be "sniffed", only guessed.

If you want real security for a site that is on the public internet, I don't think there is an easy solution. The only things that come to my mind are "one-time" passwords sent to the user via a secure connection or generated by password generators and smart cards with public/private key technology. But that's a general issue, not a specific Zope problem.