Comment 3 for bug 1450294

The VNC password offers no meaningful level of security - it is just a false sense of safety. We have a spec for a strong authentiction & encryption mechanism to protect nova-vncproxy <-> nova-compute channel based on TLS that is preferrable https://review.openstack.org/#/q/status:abandoned+project:openstack/nova+branch:master+topic:bp/websocket-proxy-to-host-security,n,z