Add delay after wrong password input #112
Labels
feature-request
New feature or request
Comments
bk138
added
feature-request
bk138
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Its a security bug i want to report
I was recently doing a bug bounty on this server and i was easily able to crack password using brute force attacks.. It means its not so safe.. There is no firewall that blocks user who is trying to authenticate multiple times..
What i suggest to secure this app:-
#1 add a nice firewall that closes the vnc server when a user authenticates wrong this will prevent brute force attacks and dictionary attacks.. I wont suggest u to block a user as pro hackers could use multiple ip addresses
#2 add a default password that is good and random generated everytime app is opened.. I wont suggest algorithm for it just use random statement.. What if algorithm gets leaked.. It will be good for people who are lazy to put password..
#3 add warning or disable removing password and there should be rules for adding password so that every user adds a good password
Thats all i suggest!
Good luck 👌
The text was updated successfully, but these errors were encountered: