Throw exception if account creation or password change is performed over insecure connections

No, there is AccountManager.sensitiveOperationOverInsecureConnection(boolean allow). Right now Smack does only log a warning if the boolean is not set, this will change in a future version of Smack, so that an exception is thrown.

If a client will be using this version of Smack, it won't be able to create an account or change a password over insecure connection?