PopTop is a server implementation of the Point-to-Point Tunneling Protocol (PPTP).
PPTP is Microsoft's invention, and it was their VPN protocol of choice until a few years ago. It uses MSCHAPv2 authentication and GRE tunneling with a particular RC4-based encryption scheme called MPPE (Microsoft Point-to-Point Encryption).
The MSCHAPv2 handshake has a fatal flaw
that makes it possible for a listening third-party to find a PPTP password hash relatively quickly using a brute-force algorithm. And although there's no easy way to turn a password hash into a plaintext password, another weakness in the MSCHAPv2 algorithm ("password-equivalent hashes" - now there's a contradiction in terms) means you don't actually need the password to authenticate. The hash will do just fine.
This means one should not use PPTP over an unsecured network. As PPTP is a VPN protocol, it's main use is precisely for setting up VPN tunnels over public, insecure networks, so that means PPTP is fundamentally broken.
In other words: Don't use PPTP, which means don't use PopTop.