If you have a form on your website where one of the fields is of the `type="password"`, the page will now be marked as insecure in your browser if it is served over a plain HTTP connection.

I guess this behaviour will become the default in all major browsers sooner than later.