Postby redge » 2005-06-28 00:45

*** allowed only 8 caracters and VNC Server do not have any default password from factory ***
examples: 12345678 or abcdefgh or 1234abcd or Ultr@VNC

Message after install: VNC default password not set

VNC Server won't let you connect without supplying a password unless the server is explicitly configured to use No Authentication.

"No Authentication" option is NOT recommended as it is a serious security risk. Use it only if you know exactly what it implies...

To configure the WinVNC server password:
- Right click on the VNC Tray icon (if no icon, Run Start Menu/programs/UltraVNC/UltraVNC Server)

- In the password field, enter your password
8 chars is recommended. Choose a password as a mix of special characters ( !@?!{... ), digits and letters so it's hard to guess, and reduces the risk of dictionary brute force attack.

(when entering the password, you can see the classical **** chars (or ||||) used to hide what you are typing)

- Click "Ok"

- You can know connect to this server using a vncviewer and the chosen password

- UVNC 3.3.6 based alpha/numerical password is 8 caracters maximum
(no respect this point should always fail with dsmplugin enabled)

UltraVNC is based on VNC 3.3.6 but also features MS-Logon authentication that allows 32 characters password. So it's always better to use MS-Logon method if you can.

* The MSRC4 Encryption plugin adds another level of security for the authentication:
- It requires a key file on both sides: a viewer that doesn't have the (your) good key file can't even start to try to authenticate.
- It encrypts the authentication handshaking process between the viewer and the server.

So it is recommended to use this plugin to get even stronger authentication security.
