If you want to know about protecting your
wordpress.com login with SSL, you can read the support page about it. It shows you the checkbox you need to tick. You need to enable it first (Users -> Personal Settings: Browser Connection checkbox). It does not forces logins automatically to SSL.
The rest is somehow misleading: No, it must not slow down, and no, you should not disable mixed content warnings. Even if it’s for *.wordpress.com “only”.
Next to that I’m a bit puzzled about the fact that secure cookies are shared across all worpdress.com subdomains which not per-se must be problematic, but it’s available in the plugins dir as well, not only for the admin.
Anyway, this is probably the impact of firesheep and worpdress.com is in the process of adapting. The firesheep developer is asking around site owners what the problems are to adopt securely to SSL and to learn about the problems in the way. See codebutlers blog. Nice move! EFF is covering the topic as well from both sides, hosters and users.