Aday, This is a well-known (see http://www.realvnc.com/faq.html) limitation of the classic VNC Password authentication scheme. This was necessary because when we were first developing VNC, many Unix platforms would return no more than eight characters from getpasswd(), with no indication that what the user typed had been truncated!
Cheers, Wez @ RealVNC Ltd > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Aday > Sent: 23 February 2007 08:25 > To: vnc-list@realvnc.com > Subject: Security: Partial Passwords > > Hi! > > > > It doesn't look like RealVNC is aware however, in 4.1.2 > (Unsure about other > versions, not that anyone should be using them anyway :P) > Say your password is set to: vncrealtest (as that is a 11 > character password > - it seems the last 3 characters are affected) > It seems this sometimes depends on the number of characters > in a password, > this was tested on 3 different computers, all running 4.1.2. > > Now set your client to access the VNC server - then instead > of typing the > FULL password, only leave off the last 3 letters/numbers. > > So, password: vncrealt <-- will let you in without the FULL password, > also, if you stick literally ANYTHING after the password, like: > vncrealtomghaxhaxhax > That will let you in also. > > Just a heads up > > ~ Aday > _______________________________________________ > VNC-List mailing list > VNC-List@realvnc.com > To remove yourself from the list visit: > http://www.realvnc.com/mailman/listinfo/vnc-list _______________________________________________ VNC-List mailing list VNC-List@realvnc.com To remove yourself from the list visit: http://www.realvnc.com/mailman/listinfo/vnc-list
