Someone else can step in and correct me if I'm wrong, but I decided to explore this a little. However, it's very possible I do not understand how auth works with Confluence (or with servers in general), so take this for what it's worth (almost nothing).
If you request the admin URL:
http://yoursite.com/confluence/authenticate.action?destination=/admin/console.action
Now turn on your network monitor (in my case, I used Chrome's Network tab), enter your password, and click "Confirm".
Then look at the request, it looks like it is NOT encrypted. Here's a dump of my request. The password is in the form data, in plain text:
Request URL:http://yoursite.com/confluence/doauthenticate.action
Request Method:POST
Status Code:200 OK
Request Headers
Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Charset:ISO-8859-1,utf-8;q=0.7,*;q=0.3
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8
Cache-Control:max-age=0
Connection:keep-alive
Content-Length:82
Content-Type:application/x-www-form-urlencoded
Cookie:confluence.browse.space.cookie=space-pages;
<snip>
Host:yoursite.com
Origin:http://yoursite.com
Referer:http://yoursite.com/confluence/authenticate.action?destination=/admin/console.action
User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.56 Safari/536.5
Form Data
password:PASSWORD
authenticate:Confirm
destination:/admin/console.action
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.