Suggestion: use https all the way


#1

Right now it’s not secure even if you use https domain because authorization request is sent over http, the password is unencrypted over the connection.


#2

Use any password then, setting up SSL is not the top priority at the moment, but if it doesn’t happen in the alpha it will surely happen in future releases.