From: Oslo, Norway
you must be kidding ?
Nope, at least the last time I checked, about a year ago. And I doubt they've changed it since.
Really I wouldn't worry too much about anyone being interested in your PBEM++ password, unless you use the same password also for the email address (which is also sent btw). And why would anyone care about a game serial number, right?
I just think it's a good indication of the lazy way the whole PBEM++ system is implemented, bugs included.
These days when we're encouraged to always check our web logins are encrypted, companies like Matrix, Sliterine and Battlefront seem to still exist in some kind of limbo of about 15 years ago when little was encrypted and no-one cared anyway, because the internet was a safe place