Funny how this thread has diverged from "I don't want my customers to see the mixed secure and insecure message" to one of performance. Since DNN is saying that the https and lock icon make customers feel secure, I can tell you that getting the mixed insecure message does the exact opposite, and that is what I want to avoid.

Shortly after I posted the original message, DotNetNuke fixed this site to make it go away, but now it is back.

Actually for the out-of-the-box DNN login page it should be able to be avoided by having not having all of the adds and other stuff on the login and register pages, but that requires a 2nd version of the skin.  I always create a special Login Page and have the Site Settings > Advanced Setting > Page Mn gt setting point to that page. It allows me to select a simpler skin and also eliminates the extra login page URLs that the normal setup has.  To bad that there isn't a way to do this for the register page.

While I am on the subject how about either fixing or removing the "Remember Me" check box in the account module that hasn't worked for a very long time.

Remember Me works.  It is just set to "Goldfish mode" by default. If you want to set it to something more like "Elephant Mode" you'll need to adjust the timeout.

http://www.snapsis.com/DNN-Frequently-Asked-Questions/tabid/560/forumid/10/postid/5813/view/topic/Remember-Me-not-working-for-Login.aspx