Could I suggest 2-factor authorization or Passkey support for users accessing the Devonthink Server?
This seems to me to be in line with DevonTech’s general philosophy of privacy/security.
This can be done of course independent of Devonthink by placing a reverse proxy beween the network and Devonthink. But having that security as part of Devonthink itself would likely be more secure.