Pricing  Get Quote
 
 

Knowledge Base

Self Service Password Management » Knowledge Base

How to enable MFA for Remote Desktop (RDP) connections

In this article:

Objective

This article provides the steps to implement multi-factor authentication (MFA) for Microsoft Remote Desktop Protocol (RDP) connections. Configuring MFA for RDP helps secure both local and remote access to Windows, macOS, and Linux machines, effectively reducing the risk of password-based attacks, such as brute-force attempts. By implementing RDP MFA, organizations can ensure that only authorized users gain access to critical endpoints.

Prerequisites

  • Endpoint MFA license: Your ADSelfService Plus license must include the Endpoint MFA license. Visit the store to purchase Endpoint MFA.
  • SSL must be enabled: SSL must be enabled in ADSelfService Plus for secure communication, which is crucial when configuring RDP MFA.
  • ADSelfService Plus login agent: The Windows logon agent that comes bundled with ADSelfService Plus must be installed on the machines that are going to be secured via RDP MFA.
  • Access URL must be set to HTTPS: Navigate to Admin > Product Settings > Connection > Connection Settings > Configure Access URL and set the Protocol option to HTTPS.

Steps to follow

Step 1: Configure required authenticators

  1. Log in to the ADSelfService Plus admin portal.
  2. Navigate to Configuration > Multi-factor Authentication > Authenticators Setup.
  3. Click the Choose the Policy drop-down, and select the policy for which you wish to enable MFA for RDP. This policy will determine which users will have MFA for RDP logins enabled.
  4. Configure any of the authenticators present according to organizational preference. ADSelfService Plus supports 20 authentication methods.

    authenticators-setup

    Figure 1: Configuring authenticators for RDP MFA in ADSelfService Plus.

Step 2: Configure settings for MFA for RDP

  1. Navigate to Configuration > Multi-factor Authentication > MFA for Endpoints.
  2. In the MFA for Machine Login section, select the check box next to Enable _ factor authentication for machine login, and choose the number of authentication factors you'd like to implement for Windows RDP MFA.
  3. Choose the authentication methods you would like to implement to secure your RDP connections.
  4. Click Save Settings.

    enable-mfa-for-machine-login

    Figure 2: Enabling RDP MFA in ADSelfService Plus

Related topics and articles

Multi-factor authentication for RDP logins

2FA for Windows logins

Enable MFA for privileged user accounts using ADSelfService Plus

  Download a free trial now!  Request demo

Request for Support

Need further assistance? Fill this form, and we'll contact you rightaway.

  • Name
  •  
  • Business Email *
  •  
  • Phone *
  •  
  • Problem Description *
  •  
  • Country
  •  
  • By clicking 'Submit' you agree to processing of personal data according to the Privacy Policy.
Highlights of ADSelfService Plus

Password self-service

Allow Active Directory users to self-service their password resets and account unlock tasks, freeing them from lengthy help desk calls.

One identity with single sign-on

Get seamless one-click access to 100+ cloud applications. With enterprise single sign-on, users can access all their cloud applications using their Active Directory credentials.

Password and account expiry notification

Intimate Active Directory users of their impending password and account expiry via email and SMS notifications.

Password synchronization

Synchronize Windows Active Directory user passwords and account changes across multiple systems automatically, including Microsoft 365, Google Workspace, IBM iSeries, and more.

Password policy enforcer

Strong passwords resist various hacking threats. Enforce Active Directory users to adhere to compliant passwords by displaying password complexity requirements.

Directory self-update and corporate directory search

Enable Active Directory users to update their latest information themselves. Quick search features help admins scout for information using search keys like contact numbers.

« Home
Knowledge Base »

ADSelfService Plus trusted by

Embark on a journey towards identity security and Zero Trust
Password management Adaptive MFA Enterprise SSO Self-service & security Related products