The point of https isn't only protecting such data. It's (kinda) protecting privacy and such. Besides search machines like Google will put your site higher in the results if it has https.
There shouldn't be many reasons why https wouldn't be possible. Let's Encrypt and cPanel's AutoSSL for example could do this without much hassle. If the forum software allows it you could force https for everyone with a simple .htaccess edit by adding to following code on top (valid SSL certificate is required):
Code:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\Comodo\DCV)?$
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/.+$
RewriteRule ^(.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]I'm using Smart HTTPS to force every site with an SSL certificate to use https, these forums have been whitelisted so it keeps using http. [img]<fileStore.core_Emoticons>/emoticons/unsure.png[/img]/emoticons/unsure@2x.png 2x" title=":/" width="20" />
