Is Windows Remote Desktop connection secure

Posted on 2016-08-28
Medium Priority
Last Modified: 2016-08-28
We just came up with a link that would supposedly secure a Windows Remote Desktop connection (see link below)


Open in new window

We always thought that RDP was secure until we saw this link.  That means that without setting this up, the connection to the remote computer is totally open and eyes can come in and spy on.


without the setup described in the link, RDP is not secure?

If we must follow the link in order to make it secure, this has to be done in both computers?

Please advice on what to consider.

Thank you in advance.
Question by:rayluvs
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
LVL 30

Expert Comment

ID: 41774237
Most windows  RDP servers have an SSL certificate (3rd party or self issued) using port 443.
RDP itself is an encrypted session.
So they should be encrypted depending upon who set it up.

Author Comment

ID: 41774246
Please note, we are referring to Windows Remote Desktop, we don't use no 3rd party apps.

That sais, and besides our use of computer-to-server, we also use computer-to-computer; would this also be secured (computer-to-computer)?
LVL 20

Expert Comment

by:Russ Suter
ID: 41774248
Peer-to-Peer RDP on Windows machines is not considered absolutely secure. I can tell you from personal experience that using it in a PCI environment causes a fail in an audit. You can make a fully secure remote desktop system if you use RDS and go through the extra steps of securing the communication using an SSL layer.

All that being said, for most practical purposes, Windows RDP, even peer-to-peer, is secure enough for most standard cases as long as you set it up to only allow more secure connections.
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!


Author Comment

ID: 41774253
Thanx for the info.

So to go back to our original question,

Without the setup described in the link, RDP is not secure?

If we must follow the link in order to make it secure, this has to be done in both computers?

LVL 20

Accepted Solution

Russ Suter earned 2000 total points
ID: 41774255
Following the instructions in the link will definitely enhance the security. However TLS 1.0 is no longer considered fully secure although to truly exploit its vulnerability requires some serious hardware. Without following the advice in the link you're at the mercy of Windows security which is basically an oxymoron.

Author Comment

ID: 41774260
Ok, that answer the first part; the; last part of the question,

so by following the link to set the additional security, should this be done in both computers?
LVL 20

Assisted Solution

by:Russ Suter
Russ Suter earned 2000 total points
ID: 41774263
It needs to be done on each PC that will be on the receiving end of the RDP session. If you're on a computer that will never receive an RDP request then you don't need to do anything. RDP is disabled by default.

Author Comment

ID: 41774265

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

At the beginning of the year, the IT world was taken hostage by the shareholders of LogMeIn. Their free product, which had been free for ten years, all of the sudden became a "pay" product. Now, I am the first person who will say that software maker…
Like many organizations, your foray into cloud computing may have started with an ancillary or security service, like email spam and virus protection. For some, the first or second step into the cloud was moving email off-premise. For others, a clou…
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question