To easily enable (and enforce) administration over SSL, there are two constants that you can define in your blog's wp-config.php file.
To Force SSL Logins
The constant FORCE_SSL_LOGIN can be set to true to force all logins to happen over SSL.
define('FORCE_SSL_LOGIN', true);
To Force SSL Logins and SSL Admin Access
The constant FORCE_SSL_ADMIN can be set to true to force all logins and all admin sessions to happen over SSL.
define('FORCE_SSL_ADMIN', true);
Which Should I Use?
FORCE_SSL_LOGIN is for when you want to secure logins so that passwords are not sent in the clear, but you still want to allow non-SSL admin sessions (since SSL can be slow).
FORCE_SSL_ADMIN is for when you want to secure logins and the admin area so that both passwords and cookies are never sent in the clear. This is the most secure option.