Both of these pop-ups are "Windows Security Challenges" like you call them. Your browser is behaving as expected. It translates the WWW-Authenticate: Negotiate header into a pop-up. It does not mean you credentials will be sent in clear text, you will end up doing Kerberos or NTLM authentication (no basic as there are no handler for that).
I don't understand your position. What are you trying to do? What is the expected result? What is a big issue and why?
- Do you want SSO to work? Meaning do you want to be seamlessly connected without having to type anything? If so, back to my first comment: https://learn.microsoft.com/en-us/windows-server/identity/ad-fs/troubleshooting/ad-fs-tshoot-iwa
- Do you want Form Based Authentication (being prompted for username and password in HTML - this is NOT called a pop-up)? If so for all browsers? For all apps?