Well I'm not at a Mac so I can't confirm but it's unfortunate to see such misinformation in this thread. I apologize for repeating it, I was too trusting of other comments.
Since you are framing in the login with webkit, why not show the URL as well? User's need to see htts://google.com or they'll assume it's a phishing attack.