I think the intention of that message is good.
Problem is that message pops up pretty much on any site without an https certificate.
Just browsing sites with HTTP will not activate this warning. The popup is displayed, if and when you try to login to site site via HTTP instead of HTTPS link. In my view, it is a useful warning, especially for sites that normally do have HTTPs based login pages, but hackers redirected the site to an HTTP site for harvesting authentication credentials...
Safari 10.1.2 on my mac does not display this warning, but does offer saving the login credentials.
Opera displays the security warning for this site:
And so does Firefox:
Mac-Forums is not an ecommerce site (buying and selling of goods and services, or the transmitting of funds or data, over an electronic network)...thus no one is entering a lot of personal information that could be at risk (phone numbers, home address's, credit card numbers, etc.). Thus no issue.
- Nick
You are correct, the Mac-Forum is not an ecommerce site, but...
The login credentials are easy to intercept, when they are in plain text in transit, and steal whatever information is available within the profile. It's sort of interesting that this forum requires complex password; however, it does not secure it in transit. Sort of defeats the purpose it seems...
While I don't doubt that the Mac-Forum is reasonably secure, maybe more so than other forums, it would not hurt implementing HTTPS for all the connections to the forum, including authentication. The chances are that the forum's hosting company supports
Let'sEncrypt, in which case it's relatively easy to add HTTPS. And it's also free...