(+hwi and +dvadym for mentions in the text below)

Thanks for the report!

The trouble seems to be that while the registration page is on https, the login page is on http. Chrome won't allow filling on purpose, for security reasons.

We thought about this problem and it is not easy. For the special case of pages migrating from HTTP to HTTPS we have a plan of a one-time migration ( bug 571580 ), but that's not the case here.

It is actually a headache for introducing password generation as well (thus Cc-ing dvadym@ in case he has some plan for that I forgot), because if we generated password on https://fedex... and then did not fill it on the http login page, the user might see no way out.

The only workaround here so far is inspect about:settings/passwords and if you trust the http page, copy it over the first time. After that, Chrome should start filling on http.

hwi@ has been working on some interesting UI for filling in reduced security scenarios -- Hwi, has there been some suggestion to make the HTTPS->HTTP case easier for the users, or are the security concerns preventing that?