RDP (Windows Remote Desktop) is not terribly secure, and it's a bad idea to expose it directly to the internet.
But you can add 2 factor authentication using duo.com, and it's free for 10 users.
Now, if you try to connect to remote desktop, you can only connect if you additionally confirm it on your phone.
What I'm struggling to answer is how secure this really is. It would seem bullet-proof, unless there's a possibility of an RDP bug/exploit that allowed the second authentication to be bypassed.
Googling fails to answer the question for me!
Perhaps spending money on a router that has a VPN server is the best answer.
But can I be confident that a VPN would be less vulnerable to attack than RDP+ Duo? Presumably a VPN could also contain vulnerabilities.
Got a credit card? use our Credit Card & Finance Calculators
Thanks to Rhyd6,eyeball08,Wondergirly,bofh,johnstevens77, for Donating to support the site
remote desktop two factor authentication
-
- Lemon Slice
- Posts: 778
- Joined: November 4th, 2016, 7:18 am
- Has thanked: 211 times
- Been thanked: 491 times
-
- Lemon Half
- Posts: 8408
- Joined: November 8th, 2016, 5:56 am
- Has thanked: 4486 times
- Been thanked: 3618 times
Re: remote desktop two factor authentication
Anything can contain vulnerabilities
Your 2FA solution should stop anyone accessing your RDP server without your phone
The VPN could be used to encrypt your traffic and you could limit RDP access to the same network (having both ends in the VPN)
That's about as bullet proof you can get while still being able to access things remotely (assuming no alternative RDP stuff is installed to go round behind it - which is more likely than the intended 2FA being hacked)
Your 2FA solution should stop anyone accessing your RDP server without your phone
The VPN could be used to encrypt your traffic and you could limit RDP access to the same network (having both ends in the VPN)
That's about as bullet proof you can get while still being able to access things remotely (assuming no alternative RDP stuff is installed to go round behind it - which is more likely than the intended 2FA being hacked)
-
- Lemon Quarter
- Posts: 4489
- Joined: November 4th, 2016, 2:25 pm
- Has thanked: 648 times
- Been thanked: 1266 times
Re: remote desktop two factor authentication
I'd definitely have a decent router in place...https://routersecurity.org/RouterNews.php
https://routersecurity.org/testrouter.php
https://www.wireguard.com/
https://routersecurity.org/testrouter.php
https://www.wireguard.com/
-
- Lemon Quarter
- Posts: 3191
- Joined: December 7th, 2016, 9:09 pm
- Has thanked: 357 times
- Been thanked: 1052 times
Re: remote desktop two factor authentication
Midsmartin wrote:RDP (Windows Remote Desktop) is not terribly secure, and it's a bad idea to expose it directly to the internet.
But you can add 2 factor authentication using duo.com, and it's free for 10 users.
Now, if you try to connect to remote desktop, you can only connect if you additionally confirm it on your phone.
What I'm struggling to answer is how secure this really is. It would seem bullet-proof, unless there's a possibility of an RDP bug/exploit that allowed the second authentication to be bypassed.
Googling fails to answer the question for me!
It really depends upon what you "mean" by "secure".
Basically you are trusting a 3'ed party with your security/privacy. I'm not arguing that there is anything "wrong" with this, but it is what is suggested.
There are of course other alternatives.
One is to use ssh with strong key control.
Ok, unpacking, ssh is an encrypted protocol (with possibly strong key's) intended to provide a command line (Secure SHell) interface to a remote machine.
When a connection is asked the machine address and/or a cryptography key is checked.
However it can be used as a tunnel to wrap other things.
Here is a google search
https://www.google.com/search?client=fi ... dp+via+ssh
Here is the link I picked from that search.
https://blog.netnerds.net/2017/12/updat ... e-desktop/
What's your use case? Home, school, company etc.
-
- Lemon Slice
- Posts: 450
- Joined: April 13th, 2017, 11:37 am
- Has thanked: 235 times
- Been thanked: 154 times
Re: remote desktop two factor authentication
I've used an RDP over SSH arrangement for a couple of years now and it works beautifully.
Return to “Technology - Computers, TV, Phones etc.”
Who is online
Users browsing this forum: No registered users and 31 guests