VNC Password Authentication vs. Windows
James Weatherall
jnw "at" realvnc.com
Fri Oct 6 11:08:00 2006
> I understand there is a challenge/response mechanism used in RealVNC
> Free Edition, but is this authentication session encrypted? What
> safeguards are in place and how do they compare with a
> default setup of Windows 2K/3K, for example?
VNC Free Edition uses a simple challenge-response scheme based on encrypting
a random challenge with up to 8 bytes of password data.
VNC Personal & Enterprise Editions set up an encrypted session between
viewer & server before exchanging passwords, which may be up to 255
characters in length.
Regards,
Wez @ RealVNC Ltd.