We all know that passwords should only be transmitted over secure connections; in the case of web pages, that means HTTPS (SSL/TLS-encrypted). Unfortunately, though, not all web sites do this, and users are often unaware if they don’t bother to check the URL. It will be more difficult to ignore with Firefox displaying an icon that consists of a lock with a red strike-through if passwords are requested on pages that aren’t secure.
Read more here:
http://www.securityweek.com/firefox-warns-password-requests-over-http