Chrome provides verbose warning for password fields on non-secure websites
The latest update to Chrome Canary Version (my version 56.0.2896.0 canary (64-bit)) now displays a verbose message to users where a password field is present on a non-HTTPS website.
Your connection to this site is not secure
You should not enter any sensitive information on this site (for example, passwords or credit cards), because it could be stole by attackers
The current Canary release defaults the Chrome flags setting chrome://flags/#mark-non-secure-as to the verbose state.
The “Not Secure” address bar warning is now enable via the Chrome://flags#security-chip flag (you can even animate it ooooh).
These will be enabled by default in the public release January 2017.