Login security question
Posted: Thu Feb 14, 2013 9:22 pm
I've installed the trial version.
Created a user, lets say "test", and created the connection successfully from a remote location.
I have repeated this login 4 times from 3 separate locations, android tablet and vista laptop from home, a windows 7 PC at work and an Ipad at a friends house.
My question is:
If all I need to establish the connection and install the client is a username and password, then the security is only as good as the username and password.
shouldn't the login only work once for a given username/password and when the connection is established you could only connect from that machine?
If someone where to guess the username/password combo, then they would have whatever time exists between establishing the connection and being discovered, to do what ever they wished.
am i missing something here?
Created a user, lets say "test", and created the connection successfully from a remote location.
I have repeated this login 4 times from 3 separate locations, android tablet and vista laptop from home, a windows 7 PC at work and an Ipad at a friends house.
My question is:
If all I need to establish the connection and install the client is a username and password, then the security is only as good as the username and password.
shouldn't the login only work once for a given username/password and when the connection is established you could only connect from that machine?
If someone where to guess the username/password combo, then they would have whatever time exists between establishing the connection and being discovered, to do what ever they wished.
am i missing something here?