diff --git a/0003-auth-Add-API-to-unregister-built-in-security-handler.patch b/0003-auth-Add-API-to-unregister-built-in-security-handler.patch
new file mode 100644
index 0000000..5c4a84d
--- /dev/null
+++ b/0003-auth-Add-API-to-unregister-built-in-security-handler.patch
@@ -0,0 +1,47 @@
+From 42815c7a5672edb16ab810378b7c34b3e8e74832 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jonas=20=C3=85dahl?= <jadahl@gmail.com>
+Date: Wed, 27 Nov 2019 16:58:29 +0100
+Subject: [PATCH 3/3] auth: Add API to unregister built in security handlers
+
+If I have a VNC server that first accepts password based authentication,
+then switches to something not using password (e.g. a prompt on screen),
+the security handler from the first would still be sent as, meaning
+clients would still ask for a password without there being one.
+---
+ libvncserver/auth.c | 7 +++++++
+ rfb/rfb.h           | 1 +
+ 2 files changed, 8 insertions(+)
+
+diff --git a/libvncserver/auth.c b/libvncserver/auth.c
+index fc74c800..94b46fd6 100644
+--- a/libvncserver/auth.c
++++ b/libvncserver/auth.c
+@@ -248,6 +248,13 @@ determinePrimarySecurityType(rfbClientPtr cl)
+     }
+ }
+ 
++void
++rfbUnregisterPrimarySecurityHandlers (void)
++{
++    rfbUnregisterSecurityHandler(&VncSecurityHandlerNone);
++    rfbUnregisterSecurityHandler(&VncSecurityHandlerVncAuth);
++}
++
+ void
+ rfbSendSecurityTypeList(rfbClientPtr cl,
+                         enum rfbSecurityTag exclude)
+diff --git a/rfb/rfb.h b/rfb/rfb.h
+index f56bd47d..d1763c6c 100644
+--- a/rfb/rfb.h
++++ b/rfb/rfb.h
+@@ -856,6 +856,7 @@ extern void rfbUnregisterSecurityHandler(rfbSecurityHandler* handler);
+ extern void rfbRegisterChannelSecurityHandler(rfbSecurityHandler* handler);
+ extern void rfbUnregisterChannelSecurityHandler(rfbSecurityHandler* handler);
+ extern void rfbSendSecurityTypeList(rfbClientPtr cl, enum rfbSecurityTag exclude);
++extern void rfbUnregisterPrimarySecurityHandlers (void);
+ 
+ /* rre.c */
+ 
+-- 
+2.26.2
+
diff --git a/libvncserver.spec b/libvncserver.spec
index 668c230..49e6624 100644
--- a/libvncserver.spec
+++ b/libvncserver.spec
@@ -3,7 +3,7 @@
 Summary:    Library to make writing a VNC server easy
 Name:       libvncserver
 Version:    0.9.13
-Release:    6%{?dist}
+Release:    7%{?dist}
 
 # NOTE: --with-filetransfer => GPLv2
 License:    GPLv2+
@@ -14,6 +14,8 @@ Source0:    https://github.com/LibVNC/libvncserver/archive/LibVNCServer-%{versio
 # https://github.com/LibVNC/libvncserver/pull/234
 Patch10: 0001-libvncserver-Add-API-to-add-custom-I-O-entry-points.patch
 Patch11: 0002-libvncserver-Add-channel-security-handlers.patch
+# https://github.com/LibVNC/libvncserver/pull/350
+Patch12: 0003-auth-Add-API-to-unregister-built-in-security-handler.patch
 
 ## downstream patches
 Patch102: libvncserver-LibVNCServer-0.9.13-system-crypto-policy.patch
@@ -131,6 +133,9 @@ done
 
 
 %changelog
+* Mon Sep 14 2020 Jonas Ådahl <jadahl@redhat.com> - 0.9.13-7
+- Add API to unregister security handlers
+
 * Tue Aug 25 2020 Rex Dieter <rdieter@fedoraproject.org> - 0.9.13-6
 - -devel: +Requires: zlib-devel