Index: binaries/data/config/default.cfg
===================================================================
--- binaries/data/config/default.cfg
+++ binaries/data/config/default.cfg
@@ -413,7 +413,7 @@
 history = 0                         ; Number of past messages to display on join
 room = "arena23"                    ; Default MUC room to join
 server = "lobby.wildfiregames.com"  ; Address of lobby server
-require_tls = true                  ; Whether to reject connecting to the lobby if TLS encryption is unavailable.
+tls = true                          ; Whether to use TLS encryption when connecting to the server.
 verify_certificate = false          ; Whether to reject connecting to the lobby if the TLS certificate is invalid (TODO: wait for Gloox GnuTLS trust implementation to be fixed)
 terms_url = "https://trac.wildfiregames.com/browser/ps/trunk/binaries/data/mods/public/gui/prelobby/common/terms/"; Allows the user to save the text and print the terms
 terms_of_service = "0"              ; Version (hash) of the Terms of Service that the user has accepted
Index: binaries/data/mods/public/gui/prelobby/common/encryption/encryption.js
===================================================================
--- /dev/null
+++ binaries/data/mods/public/gui/prelobby/common/encryption/encryption.js
@@ -0,0 +1,14 @@
+function initEncryption()
+{
+	Engine.GetGUIObjectByName("encryption").checked =
+		Engine.ConfigDB_GetValue("user", "lobby.tls") == "true";
+
+	for (let obj of ["encryption", "encryptionLabel"])
+		Engine.GetGUIObjectByName(obj).tooltip =
+			translate("Protect login and communication with the lobby server using TLS encryption.");
+}
+
+function updateEncryption(enabled)
+{
+	saveSettingAndWriteToUserConfig("lobby.tls", String(enabled))
+}
Index: binaries/data/mods/public/gui/prelobby/common/encryption/encryption.xml
===================================================================
--- /dev/null
+++ binaries/data/mods/public/gui/prelobby/common/encryption/encryption.xml
@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="utf-8"?>
+<object>
+	<object name="encryption" type="checkbox" size="40%-19 0 40% 20" style="ModernTickBox">
+		<action on="Press">updateEncryption(this.checked);</action>
+	</object>
+	<object name="encryptionLabel" type="text" size="40%+10 0 100%-20 20" style="ModernLeftLabelText">
+		<translatableAttribute id="caption">TLS Encryption</translatableAttribute>
+	</object>
+</object>
Index: binaries/data/mods/public/gui/prelobby/login/login.js
===================================================================
--- binaries/data/mods/public/gui/prelobby/login/login.js
+++ binaries/data/mods/public/gui/prelobby/login/login.js
@@ -9,7 +9,7 @@
 	Engine.GetGUIObjectByName("password").caption = Engine.ConfigDB_GetValue("user", "lobby.password").substr(0, 10);
 
 	initLobbyTerms();
-
+	initEncryption();
 	initRememberPassword();
 
 	updateFeedback();
Index: binaries/data/mods/public/gui/prelobby/login/login.xml
===================================================================
--- binaries/data/mods/public/gui/prelobby/login/login.xml
+++ binaries/data/mods/public/gui/prelobby/login/login.xml
@@ -4,10 +4,11 @@
 	<script directory="gui/common/"/>
 	<script directory="gui/prelobby/common/credentials/"/>
 	<script directory="gui/prelobby/common/feedback/"/>
+	<script directory="gui/prelobby/common/encryption/"/>
 	<script directory="gui/prelobby/common/terms/"/>
 	<script directory="gui/prelobby/login/"/>
 
-	<object type="image" style="ModernDialog" size="50%-230 50%-190 50%+230 50%+190">
+	<object type="image" style="ModernDialog" size="50%-230 50%-205 50%+230 50%+200">
 
 		<object style="ModernLabelText" type="text" size="50%-128 -18 50%+128 14">
 			<translatableAttribute id="caption">Connect to the game lobby</translatableAttribute>
@@ -17,15 +18,19 @@
 			<include file="gui/prelobby/common/credentials/credentials.xml"/>
 		</object>
 
-		<object size="0 105 100% 120">
+		<object size="0 105 100% 125">
 			<include file="gui/prelobby/common/credentials/rememberpassword.xml"/>
 		</object>
 
-		<object size="0 140 100% 250">
+		<object size="0 130 100% 150">
+			<include file="gui/prelobby/common/encryption/encryption.xml"/>
+		</object>
+
+		<object size="0 160 100% 270">
 			<include file="gui/prelobby/common/terms/termslobby.xml"/>
 		</object>
 
-		<object size="0 255 100% 370">
+		<object size="0 275 100% 390">
 			<include file="gui/prelobby/common/feedback/feedback.xml"/>
 		</object>
 
Index: binaries/data/mods/public/gui/prelobby/register/register.js
===================================================================
--- binaries/data/mods/public/gui/prelobby/register/register.js
+++ binaries/data/mods/public/gui/prelobby/register/register.js
@@ -5,7 +5,7 @@
 	Engine.GetGUIObjectByName("continue").caption = translate("Register");
 
 	initLobbyTerms();
-
+	initEncryption();
 	initRememberPassword();
 
 	updateFeedback();
Index: binaries/data/mods/public/gui/prelobby/register/register.xml
===================================================================
--- binaries/data/mods/public/gui/prelobby/register/register.xml
+++ binaries/data/mods/public/gui/prelobby/register/register.xml
@@ -4,10 +4,11 @@
 	<script directory="gui/common/"/>
 	<script directory="gui/prelobby/common/credentials/"/>
 	<script directory="gui/prelobby/common/feedback/"/>
+	<script directory="gui/prelobby/common/encryption/"/>
 	<script directory="gui/prelobby/common/terms/"/>
 	<script directory="gui/prelobby/register/"/>
 
-	<object type="image" style="ModernDialog" size="50%-230 50%-210 50%+230 50%+210">
+	<object type="image" style="ModernDialog" size="50%-230 50%-225 50%+230 50%+225">
 
 		<object style="ModernLabelText" type="text" size="50%-128 -18 50%+128 14">
 			<translatableAttribute id="caption">Registration</translatableAttribute>
@@ -25,11 +26,15 @@
 			<include file="gui/prelobby/common/credentials/rememberpassword.xml"/>
 		</object>
 
-		<object size="0 180 100% 290">
+		<object size="0 170 100% 190">
+			<include file="gui/prelobby/common/encryption/encryption.xml"/>
+		</object>
+
+		<object size="0 205 100% 315">
 			<include file="gui/prelobby/common/terms/termslobby.xml"/>
 		</object>
 
-		<object size="0 295 100% 510">
+		<object size="0 320 100% 535">
 			<include file="gui/prelobby/common/feedback/feedback.xml"/>
 		</object>
 
Index: source/lobby/XmppClient.cpp
===================================================================
--- source/lobby/XmppClient.cpp
+++ source/lobby/XmppClient.cpp
@@ -100,9 +100,9 @@
 
 	// Optionally join without a TLS certificate, so a local server can be tested  quickly.
 	// Security risks from malicious JS mods can be mitigated if this option and also the hostname and login are shielded from JS access.
-	bool require_tls = true;
-	CFG_GET_VAL("lobby.require_tls", require_tls);
-	m_client->setTls(require_tls ? gloox::TLSRequired : gloox::TLSOptional);
+	bool tls = true;
+	CFG_GET_VAL("lobby.tls", tls);
+	m_client->setTls(tls ? gloox::TLSRequired : gloox::TLSDisabled);
 
 	// Disable use of the SASL PLAIN mechanism, to prevent leaking credentials
 	// if the server doesn't list any supported SASL mechanism or the response