All unencrypted HTTP links on the ImageJ wiki now redirect to HTTPS. E.g., http://imagej.net/ goes to https://imagej.net/. Hopefully this will alleviate the login issues some people have been experiencing.
This is an experiment to see whether there are any adverse issues. Please complain on this thread if it causes you problems.
There are several other domains (e.g., http://fiji.sc/) which I would like to blanket redirect to HTTPS. However, please note that there are some subdomains which, for technical reasons, cannot be made to blanket redirect. In particular, Java has issues communicating with HTTPS URLs using Let's Encrypt, the certificate authority used by
imagej.net sites; see this SO post for technical details. So at least the following subdomains will continue to support  unencrypted HTTP for the foreseeable future:
 Of course, "support" here does not mean prefer. It is certainly the goal to make ImageJ use HTTPS with the updater whenever possible. It's just that when using HTTPS is infeasible e.g. because the Java version is too old, falling back to HTTP needs to remain possible (along with a warning to the user about security!).