If you are using any version => than 2.6 you can force all admin sessions to be over ssl just add the following to your wp-config.php file:
define(’FORCE_SSL_ADMIN’, true);
Ryan Boren does a great job of explaining this and other options you have to secure your connection here.
You might also be interested in the SSL plugin incase your wordpress version does not support this.