The Windows Club

TheWindowsClub covers authentic Windows 11, Windows 10 tips, tutorials, how-to's, features, freeware. Created by Anand Khanse, MVP.

How to enable or disable Always Prompt for Password upon Remote Desktop Connection to Windows PC

Download Windows Speedup Tool to fix errors and make PC run faster

By default, when a Windows 11 or Windows 10 client machine successfully establishes a Remote Desktop connection to a host machine, the credentials used are then saved to allow for automatic connection in subsequent connections. connect to your computer – this can pose a security risk to your computer. In this post, we show you how to enable or disable Always Prompt for Password upon Remote Desktop Connection to Windows PC.

Enable or Disable Always Prompt for Password upon Remote Desktop Connection

Enable or Disable Always Prompt for Password upon Remote Desktop Connection

PC users can run the mstsc.exe command or use the Microsoft Remote Desktop app to connect to and control your Windows PC from a remote location on a remote device. With a remote desktop connection, you can use another device to connect to your PC and have access to all of your apps, files, and network resources as if you were physically present at the desk; and you can increase the number of Remote Desktop Connections per machine.

You can enable or disable Always Prompt for Password upon Remote Desktop Connection to Windows 11/10 PC in either of two ways with the following prerequisite:

We’ll discuss the two methods in this section as follows:

Via Local Group Policy Editor

Always Prompt for Password upon Remote Desktop Connection-Local Group Policy Editor

To enable or disable Always Prompt for Password upon Remote Desktop Connection to Windows 11/10 PC via Local Group Policy Editor, do the following:

  • Press Windows key + R to invoke the Run dialog.
  • In the Run dialog box type gpedit.msc and hit Enter to open Local Group Policy Editor.
  • Inside the Local Group Policy Editor, use the left pane to navigate to the path below:

Computer Configuration > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Security

  • At the location, on the right pane, double-click on Always prompt for password upon connection policy to edit its properties.
  • In the open policy window, set the radio button to Enabled or Not Configured or Disabled per your requirement.
  • Click Apply > OK to save the changes.
  • Exit the Local Group Policy Editor.
  • Restart your computer.

You can use Remote Desktop (RDP) in Windows Home; so, for Home edition users, you can add the Local Group Policy Editor feature and then carry out the instructions as provided above or you can do the registry method below.

Read: Your credentials did not work in Remote Desktop

Via Registry Editor

Always Prompt for Password upon Remote Desktop Connection-Registry Editor

To enable or disable Always Prompt for Password upon Remote Desktop Connection to Windows 11/10 PC via Registry Editor, do the following:

Since this is a registry operation, it is recommended that you back up the registry or create a system restore point as necessary precautionary measures. Once done, you can proceed as follows:

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services
  • At the location, on the right pane, right-click on the blank space on the right pane and then select New > DWORD (32-bit) Value to create a registry key and then rename the key as fPromptForPassword and hit Enter.
  • Double-click on the new entry to edit its properties.
  • Input 1 (to enable) or 0 (to disable) in the Value data field per your requirement.
  • Click OK or hit Enter to save the change.
  • Exit Registry Editor.
  • Restart your PC.

Alternatively, you can automatically enable the PromptForPassword key in the registry. Here’s how:

  • Press Windows key + R to invoke the Run dialog.
  • In the Run dialog box, type notepad and hit Enter to open Notepad.
  • Copy and paste the code below into the text editor.
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services]
"fPromptForPassword"=-dword:00000001
  • Now, click the File option from the menu and select Save As button.
  • Choose a location (preferably desktop) where you want to save the file.
  • Enter a name with .reg extension (eg; EnableRDCPforP.reg).
  • Choose All Files from the Save as type drop-down list.
  • Double-click the saved .reg file to merge it.
  • If prompted, click on Run > Yes (UAC) > Yes > OK to approve the merge.
  • You can now delete the .reg file if you like.
  • Restart PC.

Likewise, you can automatically disable the key – simply follow the steps above, but this time, copy and paste the code below and save the reg file as DisableRDCPforP.reg.

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services]
"fPromptForPassword"=-

That’s it!

Related post: Enable or disable Require Sign-in on Wakeup in Windows

What is the default password for Remote Desktop Connection?

Open the Start menu and search for Computer Management. In the Computer Management utility, navigate to Local Users and Groups. Go to Users, then right-click the desired Remote Desktop User (the default user is ServerAdmin).

Where is RDP password stored?

These credentials are stored in an encrypted form in the Credential Manager of Windows by using the Data Protection API. The “pbData” field contains the information in an encrypted form. However, the master key for decryption is stored in the lsass.

Obinna@TWC

Obinna has completed B.Tech in Information & Communication Technology. He has worked as a System Support Engineer, primarily on User Endpoint Administration, as well as a Technical Analyst, primarily on Server/System Administration. He also has experience as a Network and Communications Officer. He has been a Windows Insider MVP (2020) and currently owns and runs a Computer Clinic.