hi Deafrocks, the mixed content warning indicates that although the site is loaded or supposed to be loaded through a secure/encrypted https-connection it contains passive elements like images that are embedded through a normal http-only-connection - this isn't really a security issue as all active components like scripts that might alter the behaviour of the website and that come through http would be blocked in this circumstance.

however if you want to block insecure passive elements on https websites as well, this would be the way to do it: enter about:config into the firefox address bar (confirm the info message in case it shows up) & search for the preference named security.mixed_content.block_display_content. double-click it and change its value to true (it might cause visual breakage on some websites).

I can't believe a company would purposely create any security question on their login page. Probably it was an oversight. Anyway, the insecure retrieval is caused by this line of code:

<link rel="apple-touch-icon" href="http://a2.mzstatic.com/us/r30/Purple49/v4/c1/ee/a2/c1eea24c-8bcb-fb69-ca2e-ea4b9090fb15/icon175x175.jpeg">

Someone over there should fix that!

I see this message in the Web Console when I filter for 'mixed'.

Loading mixed (insecure) display content “http://a2.mzstatic.com/us/r30/Purple49/v4/c1/ee/a2/c1eea24c-8bcb-fb69-ca2e-ea4b9090fb15/icon175x175.jpeg” on a secure page[Learn More]