This practice is more to prevent the user's password from being revealed than it is to prevent others from logging in as you. In a trusted environment, you may not care that someone there has access to your account, but you don't want them to know what password you chose.

Having said that, do use HTTPS when possible, but keep in mind some corporate environments force proxies that can see your traffic anyway.