Just changing the form action will not provide security. If the user types logon information on a non-secure form then sends it un-encripted to a secure page on your site, its exposed in the form post data at that point.
I think you are better to intercept the user on the http:/... checkuser.php and redirect them to the https:/... secureuser.php
Either use a redirect with java script, or the http header redirect.
or redirect using .htaccess file or http.config file with an Apache server. redirect-to-ssl-using-apaches-htaccess
As for hot mail and yahoo mail there is a line to switch to a secure login. I don't usually use the https email, just depends on how paranoid you are about your email. If I had to use it in a web cafe or something I'd more likely use https mail.
Here's an interesting descussion on bank login URL=http://www.squarefree.com/2005/05/28/banks-and-https/]banks-and-https[/URL]