Remote Desktop is a Windows service that allows users to connect to a computer from another computer using the Remote Desktop Connection client. It is a useful service, but it comes with security risks. This article will show you how to secure your Remote Desktop Connection.
Steps
Step 1. Limit the number of users who can access the Remote Desktop
Right-click on the "Computer" icon, select "Properties", click "Configure Remote Access" and in the "Remote Desktop" group, check the "Allow connections from computers" option. Click "Select Users" and add / remove users who are allowed / denied to connect to the remote computer.
In most versions of Windows, users in the administrative group can still access the remote computer. If you want to change this, click Start - Run and type
2% SystemRoot% \ system32 \ secpol.msc / s
Step 3. Open the Local Policies folder and then open the User Rights Assignment folder
Open the "Allow logins through Remote Desktop Service" entry and delete "Administrators" (under the "Local Security Setting" tab). If you want to grant access to a remote computer to a specific administrator, you can do this using the method described above.
Step 4. Set the maximum number of password attempts after which the user will be blocked
In the Local Security Policy window, open the Account Policies folder, and then open the Account Lockout Policy folder. There are only three entries in this folder - "Time until the lockout counter is reset", "Account lockout duration" and "Lockout threshold" (this option determines the maximum number of password attempts after which the user will be locked; change the value to the one that you see fit).
If you want to manually unblock a blocked user, click "Start" - "Administrative Tools" - "Computer Management". Click on "Local Users and Groups", open the blocked user and uncheck the box next to "Account is blocked"
Step 5. Open remote desktop access only from specific IP addresses (an IP address is a unique combination of numbers that identifies a computer)
To do this, open the Windows Firewall settings (via the Windows Control Panel). In your firewall settings, open the Exceptions tab and highlight Remote Desktop. Click Change and then click Change Scope.