hi, this is the way firefox notifies users about websites which have log-in & password fields but are not submitting them through a secure/encrypted https-connection so this kind of data is open to being intercepted during transit.

Insecure connection password warning in Firefox

This response basically restates my question. It does not indicate why this is suddenly showing up???

There may have been content on the page that is requested via an open HTTP connection.

You can see a special padlock at the left end of the location/address bar.

• a padlock with a strike through means that mixed active content is blocked.
• a padlock with an exclamation mark attached means that mixed passive content (e.g. images) is present, but not blocked.

The shield icon, previously used for mixed active content, is now used for Tracking Protection.

• https://support.mozilla.org/en-US/kb/mixed-content-blocking-firefox
• https://support.mozilla.org/en-US/kb/control-center-site-privacy-and-security-firefox

• https://developer.mozilla.org/Security/MixedContent

This 2nd response is all technical and is as useless as the 1st response. Let me restate my concern in pure layman's term: Is it DANGEROUS for me to use this site from what I have told you?

boofo said

Let me restate my concern in pure layman's term: Is it DANGEROUS for me to use this site from what I have told you?

Do you enter a user name and password on the site?

If you never log in on the site, you just read it anonymously, then the warning does not apply to you.

What could happen?

The reason for the login warning on HTTP pages is to remind you that HTTP connections transmit everything in plain text, so anyone between you and the site can grab your login.

Your site login could be used to access any information in your account on the site (e.g., email address, birthday) and/or impersonate you on that site (e.g., post spam from your account in comments, phish other users in a private message), with the potential consequence of getting banned.

On a site where you have saved payment credentials, you should always log in on an HTTPS page. Avoid using HTTP connections to such sites.

Do you use that same username and password on any other sites?

Perhaps those would not be serious problems because that particular account is not sensitive or important, but if you use that same login on other sites, it could lead to real identity theft.

Is it bad or really bad?

The login warning applies to two different scenarios but it's hard for you to tell which it is:

(1) HTTP page login form submits to HTTP address: totally insecure

(2) HTTP page login form submits to HTTPS address: the form submission is secure, but entering your login in an HTTP page increased the risk of leaking the information over an HTTP connection through other content in the page

For a long time now, most people have considered #2 "secure enough" even though it is not ideal. If you post a link to the page where you get this error, someone may be able to take a look at the form.