Pricing  Get Quote
 
 

RDP password attack

Remote Desktop Protocol password brute-force attacks

As the global pandemic continues, most of us are accustomed to work-from-home culture. This change in working conditions has made remote desktop applications and VPNs the go-to ways to access enterprise resources inside the corporate network.

What is Remote Desktop Protocol?

Remote Desktop Protocol (RDP) facilitates remote access to Windows machines. To access a machine remotely, a user must be connected to the network the machine is in. The port that is commonly used for RDP connection is 3389. Other ports can also be configured to invoke RDP.

Unfortunately, with the increased use of RDP comes higher risks. Even simple brute-force attacks are fairly successful at hacking into RDP-enabled machines.

Why hackers prefer RDP attacks

If an RDP attack is successful, the hacker will have access to all the resources in the affected machine. They can also block the screen with a fullscreen image, encrypt important files, and demand a ransom to allow the legitimate user to access the machine and its files. The malware that facilitates these steps is called ransomware. In 2019, an estimated 63.5 percent of ransomware infections were through RDP attacks.

During an RDP attack, other malware can be installed and allowed to spread through the network from the hacked machine. Company data can be stolen or tampered with. The possibilities are infinite. Hackers utilizing RDP attacks get huge returns with little effort.

What are RDP brute-force attacks?

With the help of network scanners like Masscan, hackers can find the TCP and IP port ranges that are used in RDP servers in a matter of minutes. Then the hacker can track one of them down and try to gain access to the machine using brute-force tools, which automatically try a massive number of username and password combinations within a small time interval. The quickest match can be made within two minutes, but on average, the right username-password match is found in a day or two.

How to prevent RDP password brute-force attacks

  • Increase password length: Lengthy passwords are not easily cracked through brute force.
  • Increase password complexity: Avoiding patterns, common phrases, and dictionary words in passwords can help make them immune to password attacks.
  • Restrict login attempts: By setting a threshold for the number of failed login attempts, you can stop the brute-force tool from trying too many combinations of usernames and passwords. After this threshold is reached, the machine should be locked.
  • Implement CAPTCHA: CAPTCHA can prevent automated bots from attempting to log in. This renders brute-force attacks ineffective, as it is humanly impossible to try out all the possible username-password combinations to find the right pair. Even if they tried, it would take forever.
  • Configure multi-factor authentication: However strong a password is, it’s still susceptible to phishing attacks. That’s why other factors of authentication, like biometrics, should be implemented to secure logons.

Thwart RDP password attacks with ADSelfService Plus

ADSelfService Plus is an integrated Active Directory self-service password management and single sign-on solution that can ensure your organization doesn’t fall prey to password attacks.

  • Multi-factor authentication: Secure RDP, machine, and VPN logons with over 15 advanced authentication methods, including biometrics, YubiKey, Google Authenticator, and SMS verification codes.
  • Custom password length: Set minimum and maximum password lengths to avoid brute-force attacks.
  • Custom password complexity: Configure password policies with varying complexities for different users, groups, and OUs in Active Directory.
  • CAPTCHA settings: Implement CAPTCHA in the admin and user login pages as well as the second-factor authentication pages.

Other features of ADSelfService Plus include:

  • 1. Self-service password management

    Enable users to reset forgotten passwords and unlock their accounts anywhere and anytime without involving the help desk. Learn more

  • 2. Single sign-on

    Implement single sign-on for over a hundred major enterprise applications, as well as custom applications, from a single portal. Learn more

  • 3. Password synchronizer

    Sync the Windows Active Directory user password across various platforms automatically, eliminating password fatigue. Learn more

  • 4. Password policy enforcer

    Ensure users set strong passwords that are equipped to fight dictionary attacks, brute-force attacks, and other password threats. Learn more

  • 5. Directory self-update

    Allow users to update their personal information in Active Directory, freeing the help desk from this daunting and repetitive task. Learn more

Prevent RDP password brute-force attacks with ADSelfService Plus.

  Download a free trial now!  Request demo
Highlights

Password self-service

Free Active Directory users from attending lengthy help desk calls by allowing them to self-service their password resets/ account unlock tasks. Hassle-free password change for Active Directory users with ADSelfService Plus ‘Change Password’ console. 

One identity with Single sign-on

Get seamless one-click access to 100+ cloud applications. With enterprise single sign-on, users can access all their cloud applications with their Active Directory credentials. Thanks to ADSelfService Plus! 

Password/Account Expiry Notification

Intimate Active Directory users of their impending password/account expiry by mailing them these password/account expiry notifications.

Password Synchronizer

Synchronize Windows Active Directory user password/account changes across multiple systems, automatically, including Office 365, G Suite, IBM iSeries and more. 

Password Policy Enforcer

Ensure strong user passwords that resist various hacking threats with ADSelfService Plus by enforcing Active Directory users to adhere to compliant passwords via displaying password complexity requirements.

Directory Self-UpdateCorporate Search

Portal that lets Active Directory users update their latest information and a quick search facility to scout for information about peers by using search keys, like contact number, of the personality being searched.

ADSelfService Plus trusted by