diff --git a/smack-extensions/src/main/java/org/jivesoftware/smackx/iqregister/AccountManager.java b/smack-extensions/src/main/java/org/jivesoftware/smackx/iqregister/AccountManager.java
index b0ec24d08..94d42042c 100644
--- a/smack-extensions/src/main/java/org/jivesoftware/smackx/iqregister/AccountManager.java
+++ b/smack-extensions/src/main/java/org/jivesoftware/smackx/iqregister/AccountManager.java
@@ -22,6 +22,7 @@ import java.util.HashMap;
 import java.util.Map;
 import java.util.Set;
 import java.util.WeakHashMap;
+import java.util.logging.Logger;
 import org.jivesoftware.smack.Manager;
 import org.jivesoftware.smack.PacketCollector;
@@ -42,6 +43,9 @@ import org.jxmpp.util.XmppStringUtils;
 * @author Matt Tucker
 */
 public class AccountManager extends Manager {
+
+ private static final Logger LOGGER = Logger.getLogger(AccountManager.class.getName());
+
+ private static final Map INSTANCES = new WeakHashMap();
 /**
@@ -59,6 +63,35 @@ public class AccountManager extends Manager {
 return accountManager;
 }
+ private static boolean allowSensitiveOperationOverInsecureConnectionDefault = false;
+
+ /**
+ * The default value used by new account managers for allowSensitiveOperationOverInsecureConnection.
+ *
+ * @param allow
+ * @see #sensitiveOperationOverInsecureConnection(boolean)
+ * @since 4.1
+ */
+ public static void sensitiveOperationOverInsecureConnectionDefault(boolean allow) {
+ AccountManager.allowSensitiveOperationOverInsecureConnectionDefault = allow;
+ }
+
+ private boolean allowSensitiveOperationOverInsecureConnection = allowSensitiveOperationOverInsecureConnectionDefault;
+
+ /**
+ * Set to true to allow sensitive operation over insecure connection.
+ *

+ * Set to true to allow sensitive operations like account creation or password changes over an insecure (e.g.
+ * unencrypted) connections.
+ *

+ *
+ * @param allow
+ * @since 4.1
+ */
+ public void sensitiveOperationOverInsecureConnection(boolean allow) {
+ this.allowSensitiveOperationOverInsecureConnection = allow;
+ }
+
 private Registration info = null;
 /**
@@ -226,6 +259,11 @@ public class AccountManager extends Manager {
 */
 public void createAccount(String username, String password, Map attributes) throws NoResponseException, XMPPErrorException, NotConnectedException {
+ if (!connection().isSecureConnection() && !allowSensitiveOperationOverInsecureConnection) {
+ // TODO throw exception in newer Smack versions
+ LOGGER.warning("Creating account over insecure connection. " + + "This will throw an exception in future versions of Smack if AccountManager.sensitiveOperationOverInsecureConnection(true) is not set");
+ }
 attributes.put("username", username);
 attributes.put("password", password);
 Registration reg = new Registration(attributes);
@@ -245,6 +283,11 @@ public class AccountManager extends Manager {
 * @throws NotConnectedException
 */
 public void changePassword(String newPassword) throws NoResponseException, XMPPErrorException, NotConnectedException {
+ if (!connection().isSecureConnection() && !allowSensitiveOperationOverInsecureConnection) {
+ // TODO throw exception in newer Smack versions
+ LOGGER.warning("Changing password over insecure connection. " + + "This will throw an exception in future versions of Smack if AccountManager.sensitiveOperationOverInsecureConnection(true) is not set");
+ }
 Map map = new HashMap();
 map.put("username",XmppStringUtils.parseLocalpart(connection().getUser()));
 map.put("password",newPassword);
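Review bot: In the `@@ -59,6 +63,35 @@` hunk, the Javadoc for `sensitiveOperationOverInsecureConnection(boolean)` implies that leaving the flag at false prevents account creation and password changes on an insecure connection, but the guards this commit adds to createAccount and changePassword only log a warning and then carry on with the request. The doc should say so, for example `In this version a value of false only logs a warning; the operation is still performed.` Both `@param allow` tags have no description, and because the instance field is initialised from the static default, `sensitiveOperationOverInsecureConnectionDefault` should state that it affects only managers created after the call. The static default is also a plain field, so if it can be set from a thread other than the one creating managers, `private static volatile boolean allowSensitiveOperationOverInsecureConnectionDefault = false;` would make the write visible.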
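Review bot: The guard added at the top of createAccount (`@@ -226,6 +259,11 @@`) is advisory only: when `connection().isSecureConnection()` is false and the flag is unset, it logs a warning and still puts the password into the registration attributes, so the caller gets no signal it can act on. The TODO defers the exception, but the same condition and message tail are duplicated in changePassword (`@@ -245,6 +283,11 @@`), so the later switch to throwing has to be made in two places. I would move the check into one private helper that both methods call, as sketched below; any other credential-bearing method of this class outside these hunks could call it as well. Both method bodies continue past the end of their hunks.

```java
// Single place to tighten once the TODO below is resolved.
private void checkSensitiveOperation(String operation) {
    if (connection().isSecureConnection() || allowSensitiveOperationOverInsecureConnection) {
        return;
    }
    // TODO throw exception in newer Smack versions
    LOGGER.warning(operation + " over insecure connection. "
                    + "This will throw an exception in future versions of Smack if AccountManager.sensitiveOperationOverInsecureConnection(true) is not set");
}

// in createAccount(...), replacing the added if-block:
    checkSensitiveOperation("Creating account");
    // … unchanged: attribute population and Registration request …

// in changePassword(String newPassword), replacing the added if-block:
    checkSensitiveOperation("Changing password");
    // … unchanged: password map and Registration request …
```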