L B wrote:
Hi,
How is the "shared secret" feature supposed to work? Right now I set it on a host but I can still connect to the host with only the password entered in the viewer machine. Using Internet ID to connect, Windows 8 host, Windows 8.1 viewer.
Any input please?
Hello,
The purpose of shared secret is not to replace authorization. It's for checking the
identity of the Host. That is, if you have shared secret enabled on your Host, but don't have it enabled in your Viewer (or rather a specific connection on your Viewer), you'll still be able to connect. But not the other way around - that is, if you have a shared secret field populated in your connection properties on the Viewer, but the Host has an empty field (or a different shared secret for that matter), you won't be able to connect.
So the identity check starts at the Viewer side. If the shared secret field in the connection properties in the Viewer is disabled, then no identity check takes place at all, regardless of the Host's shared secret field value. Because the program rightfully suggests that if you didn't enter anything in the connection properties shared secret field, you do not need identity check, and hence there's no reason for not allowing remote connection. But IF there is at least any value in the shared secret field in the connection properties in the Viewer, then the program MUST check it against Host's shared secret value.