๐ย Secure Bits ๐ก
๐๐ผ ๐๐ผ๐ ๐๐๐ฒ ๐ฅ๐๐ฃ ๐ฟ๐ฒ๐ด๐๐น๐ฎ๐ฟ๐น๐ ๐ถ๐ป ๐๐ผ๐๐ฟ ๐ฒ๐ป๐๐ถ๐ฟ๐ผ๐ป๐บ๐ฒ๐ป๐? Then you should know there are more secure ways to do it.
๐๐ ๐ฑ๐ฒ๐ณ๐ฎ๐๐น๐, your credentials are sent to the remote host during an RDP session โ which means if the machine is compromised, attackers can steal and reuse them.
๐๐๐ ๐๐ต๐ฒ๐ฟ๐ฒโ๐ ๐ด๐ผ๐ผ๐ฑ ๐ป๐ฒ๐๐ โ Microsoft gives us secure modes likeย Restricted Adminย andย Remote Credential Guard, which prevent that.
๐ ๐โ๐๐ฒ ๐ฝ๐๐ ๐๐ผ๐ด๐ฒ๐๐ต๐ฒ๐ฟ ๐ฎ ๐๐๐ฒ๐ฝ-๐ฏ๐-๐๐๐ฒ๐ฝ ๐ด๐๐ถ๐ฑ๐ฒ on how to enable these protections properly. Whether youโre securing privileged access via PAW or regular RDP user access, this is something every admin should know.
Protecting credentials over RDP
๐ You can download the full PDF (and other guides) and follow it carefully to avoid mistakes:
https://academy.horizon-secured.com/p/windows-infrastructure-security-guides