Huge drawback in security! HTTP protocol is still used for admin page and mycloud.com?

It came to my notice that both wdmycloudmirror.local and mycloud.com are using HTTP protocol. I think it’s a very big drawback in security sense. This means everyone who uses network sniffing tool will see the passwords I set in plain text. How would I have faith in my personal data that’s stored in MyCloud?

The website properly redirects to a secure connection once you click on Sign In: