In my environment I use mslogin security so the viewer must provide their windows credentials to login.
I would love to see the additional authentication options controlled by the server configuration. The options would need to be made available in the viewer of course as well.
Two Factor Authentication
MSLOGIN + Group Password
I am not sure if this already is in place or not, but it would be cool to force both the shared group key (view only or interactive) and login credentials. Since keys can be long, A historic list of keys would be a good idea like what is in place for recent computer/ip hostnames in the viewer.
MSLOGIN + Pre-Shared Certificate
This would allow for a wonderful level of security.
Complex group password
It would be wonderful if we could use up to a 128 character password (a-z, A-Z, 0-9, and Special Characters). While People are aware it would break compatibility with some weaker VNC products, I think it would be well worth it.
TLS (Requires Pre-shared Certificates)