Originally posted by: BZeto
Also, how hard is it for attackers to find my computer running vnc and break the password?
The simple fix to password cracking is LONG passwords / pass-phrases. Make your passwords 15 characters or longer and include some non-alphanumeric characters. It's REALLY easy to come up with LONG, easy-to-type, easy-to-remember, but "impossible" to break passwords. Just so they are LONG.
For instance, something like ==> "Green would paneling".
This 21-character password, with two spaces between "Green" and "would", would take a LONG time to crack with any dictionary cracker. But it's simple to type and remember.
Windows XP and Server 2003 allow passwords up to 256 characters long, and allow almost any conceivable character to be used. It's too bad banks and other institutions are still stuck on 7-character-max passwords, which are easily cracked with dictionary attacks.