Is a signon to an SSL site from an http:// page secure?
Ted Roche
tedroche at tedroche.com
Thu Jun 23 13:43:00 EDT 2005

I always thought that you needed to be using an https:// page before
sending user names and passwords to log in. My credit union claims
this isn't true, and that since clicking the signon button takes you
to an SSL page, the information typed in is transmitted securely. I
have my doubts. Here's a portion of their claim, from the front page
of http://www.navyfcu.org. I'd welcome opinions.

"Your experience online is very important to Navy Federal, and the
Account Access Sign On is conveniently located on our Navy Federal
home page. However, you may have recognized that, when you are on the
home page, the familiar security symbols do not appear in your
browser to symbolize that the page is secure. In fact, the home page
itself is informational and not encrypted. Therefore it does not
display the familiar “Lock” symbol in the bottom right-hand corner,
nor does the address line begin with https. However, it is “safe” to
enter your sign-on information from the home page. Your Access
Number, User ID and Password are not transmitted until you click the
“Sign On” button. After you click the “Sign On” button, a secure,
encrypted connection is established between your personal computer’s
browser and our Navy Federal systems, using Secure Socket Layers
(SSL). After you click “Sign On”, you can validate that SSL is being
used by seeing that “https” is displayed at the beginning of the data
in your browser’s address line."