Idea: some things about SRP.

my1

So one larger thing I do not think is awesome on Wayk now is that SRP (the auth method for unattended access) runs on the Windows accounts and basically accepts anyone who is an admin, which is a simple way to run it, but in my opinion (especially due to my experience with what I have seen on people's PCs running it):

1) Let people disallow this on the server side in the first place; an always-on remote control function that cannot be disabled just because one has to install the service because of UAC and stuff is frankly ridiculous.

2) It should be disabled by default (aka use the service only for privilege upgrades and maybe auto-updates).

Reason: normal people generally do not want to grant people remote access without knowing.

3) It should by default NOT run on Windows accounts but rather on custom-set credentials (similar to others, by setting one or multiple credentials specific to remote access).

Reason: most private and even enough small company PCs (like in a too-small-to-run-a-domain, everyone-trusts-everyone kind of small company) either use ridiculously weak or no passwords at all, even for admin accounts, and I think we all agree that this should not really be an entrance for full remote control.

4) Allow setting up a custom group for users allowed to Wayk into a machine.

I am aware that an admin already can basically do anything, but there is in my opinion a very wide border between being able to admin a computer and being able to do that REMOTELY, UNSUPERVISED.

5) (In case it's not already done, I didn't try; also not only for SRP but for the normal password as well) Brute-force protection, to at least keep crude unauthorized attempts at getting in out.


Note that I have nothing against the SRP protocol in general, but just that it's forced upon people, and the use of it is often not really safe due to circumstances that are not SRP's fault (badly secured Windows accounts on machines that do not need any real security), which make it worse than it could be.
