Can you send me the url of a page that says not secure? I'll take a look and see what needs to be changed. Usually you just need to redirect to the https:// version of the site to fix that problem. That is usually done in a .htaccess file.
I fixed the email verification link.
If I update the FROM address then I'll have to update the smtp username and password to match that from address. Authenticated SMTP emails usually can't be sent from a different user than the one logging on.
Is there a different password I should use as well if I update the FROM?
I'm just going to do a site wide find and replace, but I can do it for you.