diff --git a/CHANGELOG.md b/CHANGELOG.md
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,7 @@
+## Req 0.3.1
+
+* Added `basicAuthUnsafe`.
+
 ## Req 0.3.0
 
 * Made URL parsing functions `parseUrlHttp` and `parseUrlHttps` recognize
diff --git a/Network/HTTP/Req.hs b/Network/HTTP/Req.hs
--- a/Network/HTTP/Req.hs
+++ b/Network/HTTP/Req.hs
@@ -175,6 +175,7 @@
     -- *** Authentication
     -- $authentication
   , basicAuth
+  , basicAuthUnsafe
   , oAuth1
   , oAuth2Bearer
   , oAuth2Token
@@ -1180,7 +1181,19 @@
   :: ByteString        -- ^ Username
   -> ByteString        -- ^ Password
   -> Option 'Https     -- ^ Auth 'Option'
-basicAuth username password = asFinalizer
+basicAuth = basicAuthUnsafe
+
+-- | An alternative to 'basicAuth' which works for any scheme. Note that
+-- using basic access authentication without SSL/TLS is vulnerable to
+-- attacks. Use 'basicAuth' instead unless you know what you are doing.
+--
+-- @since 0.3.1
+
+basicAuthUnsafe
+  :: ByteString        -- ^ Username
+  -> ByteString        -- ^ Password
+  -> Option scheme     -- ^ Auth 'Option'
+basicAuthUnsafe username password = asFinalizer
   (pure . L.applyBasicAuth username password)
 
 -- | The 'Option' adds OAuth1 authentication.
diff --git a/req.cabal b/req.cabal
--- a/req.cabal
+++ b/req.cabal
@@ -1,7 +1,7 @@
 name:                 req
-version:              0.3.0
-cabal-version:        >= 1.10
-tested-with:          GHC==7.8.4, GHC==7.10.3, GHC==8.0.2
+version:              0.3.1
+cabal-version:        >= 1.18
+tested-with:          GHC==7.8.4, GHC==7.10.3, GHC==8.0.2, GHC==8.2.1
 license:              BSD3
 license-file:         LICENSE.md
 author:               Mark Karpov <markkarpov92@gmail.com>
