Rated 2 out of 5 stars

The plugin has both false positives and false negatives:
- It does not detect password fields inside an IFRAME (even if the site containing the IFRAME is unencrypted too).
- It claims e.g. the password field for addons.mozilla.org to be insecure because it uses JavaScript.

If the false negatives can be eliminated, and a list of excepted sites is included, the plugin will be quite useful.