Secure connection options are a bit hit and miss currently:
Available over https:
webmail: https://webmail.dreamhost.com or https://webmail.example.com (note this will trigger a warning in most browsers because the SSH certificate is issued for .dreamhost.com).
Only available over http:
mailbox manager: http://mailboxes.example.com
There may be others that I have missed, but is there any reason to offer secure connections for some services but not others? The people that use these services are less likely to be following best practices in the first place, so why not make them as secure as possible? The likelihood is high that passwords which are recycled in other services are being passed over insecure connections when using either mailbox manager or phpMyAdmin.
It appears that mailbox manager can also be reached via https, but that’s not the default link in the panel. It should be.
There’s still no way to use phpMyAdmin over https.