Pretty much everyone who uses the web has used a password to log into something. And pretty much everyone who has used a password has put that password at risk by entering it into an insecure form.
In Firefox 46 Developer Edition, we display a prominent warning to developers about this risk. When a page with a password field is not delivered securely, Firefox displays a lock with a red strikethrough in the address bar:
We’re releasing this feature in Developer Edition, since developers are ultimately the ones that need to make logins more secure on the sites they build. (There are no current plans to show these warnings to users of Beta and general release Firefox.) We’ve been displaying a warning in the Developer Tools Web Console for a long time; adding the struck-through lock icon to the URL bar makes the issue more prominent.
You can read more about this feature here.
About Tanvi Vyas
Security and Privacy Engineer at Mozilla