For a time, Bank of America's main page was http://, even though you entered your account information into a secure form. Some people raised a stink and they changed it. Before that occurred, I decided to use one of NoScript's features to force the entire domain bankofamerica.com to use https://.
For a while it worked great until a few months later when I signed up for another service on their website that monitored your credit report activity. For about a week, every time I clicked on the link to take me to the login page for that service, I would get a page that told me the link was broken. After calling customer support a few times to see if the site was functional, I realized that the redirect script/server didn't support https, and that I was getting a dead redirect as a result.
I think forcing https on domains is a good idea, but it can be easily undermined by one link in the chain not playing nice.