Is it the drop-down that appears on password fields, for example, on my test page here:

http://www.jeffersonscher.com/res/logintest.html

(Don't enter any real login on that page)

That is to remind you that your login is not protected from interception because there is no encryption on HTTP connections, your username and password are sent out over the network as plain text.

That warning panel should appear below the user name and/or password field, but depending on the site's styling, it might block the field. In that case, you can clear it by tapping the Esc key.

Sometimes if I am on a page with an insecure login form and I enter asdf in both the username and password, the site switches me to a secure error page where I can enter my real login.

If you do not want to see the warning on your HTTP logins, you can remove it permanently as follows:

(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful.

(2) In the search box above the list, type or paste insec and pause while the list is filtered

(3) Double-click the security.insecure_field_warning.contextual.enabled preference to switch the value from true to false

(4) Assume this login could be easily stolen and avoid re-using it on important sites

Does that help? Is there still a problem logging in?

Thank you for your quick response. Neither of the things you suggested has worked. Here is a screen shot: https://prod-cdn.sumo.mozilla.net/uploads/images/2019-01-05-08-50-09-9b6441.png

Hmm, that appears when you load the page, or when you fill and submit the login form?

Secure-to-Insecure Form Submit Warning

That dialog normally appears when you have filled a form on a secure page -- has an HTTPS address -- but the form is being submitted to an insecure page -- has an HTTP address. Firefox wants you to know the submission will not be private.

However, the login form on this page submits to a secure -- HTTPS -- address, so that doesn't seem to be the explanation here.

Something Else

In your screenshot, I don't see any data in the form, so it's not clear why you are getting that dialog. Possibly a bad add-on is modifying the page to steal information from you. To investigate that:

Could you test in Firefox's Safe Mode? In its Safe Mode, Firefox temporarily deactivates extensions, hardware acceleration, and some other advanced features to help you assess whether these are causing the problem.

If Firefox is not running: Hold down the Shift key when starting Firefox. (On Mac, hold down the option/alt key instead of the Shift key.)

If Firefox is running: You can restart Firefox in Safe Mode using either:

• "3-bar" menu button > "?" Help button > Restart with Add-ons Disabled
• (menu bar) Help menu > Restart with Add-ons Disabled

and OK the restart.

Both scenarios: A small dialog should appear. Click "Start in Safe Mode" (not Refresh).

Any improvement?

Thank you again for response. This happens when you fill and submit the login form. The password disappears and does not send. Nothing is allowed until the error box is cleared. There is no difference in safe mode.

That is the formPostSecureToInsecureWarning.message

• chrome://global/locale/browser.properties

As posted above, this form is submitted to a secure link and thus shouldn't cause this message to appear.

If you use extensions ("3-bar" menu button or Tools -> Add-ons -> Extensions) that can block (wanted) content (Adblock Plus, NoScript, Disconnect, Ghostery, Privacy Badger, uBlock Origin) always make sure such extensions do not block (wanted) content.

• make sure your extensions and filters are updated to the latest version
• https://support.mozilla.org/en-US/kb/troubleshoot-extensions-themes-to-fix-problems

Hi e_minor_pentatonic, could you try this page:

https://www.christiandl.com/login2/

(That's the page I get when logging in with asdf asdf as my credentials.)

Note: This server uses an IPv6 address. I don't whether that is a factor in the problem on your Firefox. cor-el may have a better idea.

does the same thing

It's troubling that a form submission which is supposed to go to an HTTPS address is instead, on your Firefox, going to an HTTP address. It seems something is modifying the page for some reason.

Do you have any external software that intercepts your browsing? For example, security suites or parental filtering.

No I don't. This happens on other computers as well and with other browsers

I also turned off all virus protection and it did not help. Started windows in safe mode, no success

Could you power-cycle your router? By that I mean, disconnect it from A/C power for 10 seconds, then plug it back in to reboot it.

I have also tried this as well. Others on the forum don't seem to have have the same problem

You definitely should not have this problem. I consider it suspicious, as though there is a program or process that wants to steal your passwords by submitting them insecurely.

Perhaps the next step is to check for malware: Troubleshoot Firefox issues caused by malware.

What do you see in the form when you right-click in one of the input fields and open the Inspector?

Go up in the DOM tree until you see the 'form' tag like in the screenshot I posted above.

• https://developer.mozilla.org/en-US/Tools/Page_Inspector

here it is https://prod-cdn.sumo.mozilla.net/uploads/images/2019-01-05-13-00-11-8e2dcf.png

OK. This hows that the form is submitted to

• http://christiandl.com/login2/

This is different than what we see.

Clear the Cache and remove the Cookies from websites that cause problems via the "3-bar" Firefox menu button (Options/Preferences).

"Remove the Cookies" from websites that cause problems:

• Options/Preferences -> Privacy & Security
  Cookies and Site Data -> Manage Data

"Clear the Cache":

• Options/Preferences -> Privacy & Security
  Cookies and Site Data -> Clear Data -> Cached Web Content: Clear

You can remove all data stored in Firefox from a specific domain via "Forget About This Site" in the right-click context menu of an history entry ("History -> Show All History" or "View -> Sidebar -> History").

Using "Forget About This Site" will remove all data stored in Firefox from this domain like history and cookies and passwords and exceptions and cache, so be cautious. If you have a password or other data from that domain that you do not want to lose then make sure to backup this data or make a note.

You can't recover from this 'forget' unless you have a backup of involved files.

If you revisit a 'forgotten' website then data from that website will be saved once again.

• https://support.mozilla.org/en-US/kb/delete-browsing-search-download-history-firefox

Thank you for trying to help, however, these suggestions have not cured the issue.

Hi e_minor_pentatonic, it's difficult to understand how the code of the forms is different but look the same on the page (code screenshot comparison attached). It still seems suspicious, particularly if it happens on multiple sites.

Hi e_minor_pentatonic,

look on this thread, i give in some Solutions.

Insecure connection

Reply back,pls.