The communication protocol is made by a well-known security company named paragonie, which supports and loves the open-source community.
So, without HTTPS the communication is secured by default, but we can use both of them for extreme security (Recommended).
Generally, any password manager's popularity always increases when any security feature is added.
I hope that I made all my points clear.
Application-level encryption (ALE) is very important to secure communications end-to-end between Passky-Server, Passky-Website, and other clients.
Fortunately, while the infrastructure already exists, which will boost the development can be concluded in the following:
1- To secure Passky-Server in PHP side, I suggest using sapient.
2- To secure Passky-Website in Javascript side, I suggest using sapient-js.
The communication protocol is made by a well-known security company named paragonie, which supports and loves the open-source community.
So, without
HTTPSthe communication is secured by default, but we can use both of them for extreme security (Recommended). Generally, any password manager's popularity always increases when any security feature is added. I hope that I made all my points clear.Thanks