Only a password verifier is stored on the local computer. During authentication, the password is never transferred directly because the Secure Remote Password (SRP) protocol is used. Despite the encryption, the password is never sent directly, but only through a challenge-response procedure, and is only saved on the local computer.
The PKI (Public Key Infrastructure) effectively prevents “man-in-the-middle-attacks” (MITM). However, TeamViewer still recommends adhering to industry best practices for password creation to ensure the highest levels of security.Įach TeamViewer client has already implemented the public key of the master cluster and can thus encrypt messages to the master cluster and check messages signed by it. This means that strong security can even be obtained using weak passwords. An infiltrator or man-in-the-middle cannot obtain enough information to be able to brute-force guess a password. For authorization and password encryption, Secure Remote Password protocol (SRP), an augmented password-authenticated key agreement (PAKE) protocol, is used. All Management Console data transfer is through a secure channel using TLS (Transport Layer Security) encryption, the standard for secure Internet network connections.
