It used to default to https://, I know this because the password stored in my browser is for https:// and the form no longer pre-populates. Was the change made on purpose? Changing the to the https:// URL manually still allows me to login.
We moved to https for a few things a few months ago. Then we discovered that there were some problems with that shift. None of the volunteers offered to fix the problems and I determined that the downsides outweighed the upsides so turned https off until the problems are fixed.