Skip to content

Commit 6590e77

Browse files
MagicloudMagicloud
committed
RDP password saving
1 parent 8b7e480 commit 6590e77

File tree

1 file changed

+39
-0
lines changed

1 file changed

+39
-0
lines changed

_posts/2025-09-14-save-remote-desktop-password.markdown

Lines changed: 39 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,39 @@
1+
---
2+
layout: post
3+
title: "Save Remote Desktop Password"
4+
date: 2025-09-14 17:33:17 +0800
5+
categories: Windows
6+
---
7+
For reason unknown, the Remote desktop app of my Windows 11 does not give the saving credentials option. After I switched to a longer password length, this is urgenly a problem.
8+
9+
On the first try, I updated the Group Policy, which equals to registry below. The option appeared, I could input the password before connecting. But it did not pass, nor it was saved.
10+
11+
```
12+
Windows Registry Editor Version 5.00
13+
14+
[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\Terminal Services]
15+
"DisablePasswordSaving"=dword:00000000
16+
17+
[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CredentialsDelegation]
18+
"AllowDefaultCredentials"=dword:00000001
19+
"AllowDefaultCredentialsWhenNTLMOnly"=dword:00000001
20+
"ConcatenateDefaults_AllowDefault"=dword:00000001
21+
"AllowSavedCredentials"=dword:00000001
22+
"ConcatenateDefaults_AllowSaved"=dword:00000001
23+
"AllowSavedCredentialsWhenNTLMOnly"=dword:00000001
24+
"ConcatenateDefaults_AllowSavedNTLMOnly"=dword:00000001
25+
26+
[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CredentialsDelegation\AllowDefaultCredentials]
27+
"1"="TERMSRV/*"
28+
29+
[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CredentialsDelegation\AllowSavedCredentials]
30+
"1"="TERMSRV/*"
31+
32+
[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CredentialsDelegation\AllowSavedCredentialsWhenNTLMOnly]
33+
"1"="TERMSRV/*"
34+
35+
[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CredentialsDelegation\AllowDefaultCredentialsWhenNTLMOnly]
36+
"1"="TERMSRV/*"
37+
```
38+
39+
Then I decided to update the .rdp file directly. Much simpler. The tool involves is [a powershell script](https://github.com/RedAndBlueEraser/rdp-file-password-encryptor). Run the encryptor, input the password, append a line to .rdp file in format of `password 51:b:**YOUR HEXADECIMAL STRING HERE**`. And that is it. Note: the encrypting is host depended. Using the same "hexadecimal string" on other hosts won't work.

0 commit comments

Comments
 (0)