Starting today, all VNC connections are automatically protected by a token that secures the connection to the repl. This protection is completely transparent and requires no additional action from users. Users can also access their repls with the stock noVNC client using a custom username and password, which should be generated using a password manager to make them harder to guess. The first 8 characters of the password will be considered when accessing the repl via VNC connections. When launching the noVNC client from the website, the password will be transparently filled in for users.