My worry is that it has never done this before ?, strange that it`s flagged it up out of the blue .
Please enable HTTPS if you can.Until it's enabled, people should NOT use any password on this site they have for others sites. Each time you log on the password can be sniffed in the network traffic.