While the page itself may appear unsecured, the data is submitted to a secure URL, so thus the information is protected before submission.

If you are concerned, then don't use the login.php as your entry point. Use index.php. If you're not logged in, you'll be redirected to the login page using a secure URL automatically.