I noticed that after installing BlogEngine.Net I was able to login to manage the services.  I also noticed that I was doing this using HTTP instead of HTTPS.  This may be fine if I am sitting on the server running the service but it is definitely not how I want to connect when I am sitting in my office...  I get the impression that many people don't want to deal with SSL and figure what the heck, it's only my blog. 

But interestingly enough I believe many people use the same password for most of their logins.  So I would recommend that you seriously consider using SSL when logging into BlogEngine.Net.   If you are hosting your own blog service than you have a couple of options:

• » Use a self-signed certificate (selfssl.exe found in the Windows IIS Resource Kit)
• » Purchase a very expensive certificate from someone like Verisign
• » Get a free certificate from StartSSL

If you are not hosting your own blog service than you might want to check with your provider for their SSL offerings. 

Another thing worth mentioning is how you would control the switch from HTTP to HTTPS to HTTP when you are logging into your blog.  I use Sanibel Logic's SSLRedirect to handle this task and it works perfectly.

Cheers!