When to use SSL Certificate

[eluser]zknight[/eluser]
I am working on an app and just want to check to see if there is a protocol or best practice for when to secure a page(s).

I have seen some forum posts that talk about the difficulty of making some pages secure and others not, so would it be wise or overkill to secure the whole site?

Or just the log in page and not the rest?

Or the whole backend?

It isn't going to be processing any 'sensitive' data per se, and not financial data either so do I need to bother at all? (But clients are justified in being concerned that their data is secure).

I would be interested in some guidance, thank you.

[eluser]stuart_g[/eluser]
It sounds as though https would be overkill for your purpose. Even with https, the website will only be as secure as the usernames/passwords of your users, which in my experience is usually very insecure (unless you allocate them yourself and don't allow password alterations).

[eluser]zknight[/eluser]
Thanks for the feedback.

[eluser]Xaris[/eluser]
All the pages that our customers have to login are on SSL. They "feel" that they are in a more secure environment.
I agree with stuart_g that also the username/password have to be strong, but that's no issue for us, as we provide them with these.