The VNC password offers no meaningful level of security - it is just a false sense of safety. We have a spec for a strong authentiction & encryption mechanism to protect nova-vncproxy <-> nova-compute channel based on TLS that is preferrable https://review.openstack.org/#/q/status:abandoned+project:openstack/nova+branch:master+topic:bp/websocket-proxy-to-host-security,n,z
The VNC password offers no meaningful level of security - it is just a false sense of safety. We have a spec for a strong authentiction & encryption mechanism to protect nova-vncproxy <-> nova-compute channel based on TLS that is preferrable https:/ /review. openstack. org/#/q/ status: abandoned+ project: openstack/ nova+branch: master+ topic:bp/ websocket- proxy-to- host-security, n,z