When storing connection passwords, MS RDP provides the ability to store the password as either clear text or to encrypt it.
The resulting node in the file looks like
<logonCredentials inherit="None">
    <userName>USER</userName>
    <domain>DOMAIN</domain>
    <password storeAsClearText="False">AQAdERjHoAwE/Cl+sBAAAA(...)zh</password>
</logonCredentials>
I'm wondering how secure that encryption is, and if the file can be shared among coworkers without someone being able to easily guess the password.
I'm guessing "not much" but I couldn't find exactly how that encrypted chain is generated.
Any idea? Thanks!
Define "easily guess". I would guess it would be specific to the machine, that would be the most secure way to do something like this. Of course given enough time one can brute force pretty much anything, depends on how good the password is, and of course what exactly is used. I did a Google search... It seems the general advice is to encrypt the configuration file itself. I suggest you do that. – Ramhound – 2012-08-02T15:43:32.387
What is the point of protecting the password if your users can connect anyway? – Shadok – 2012-08-02T16:17:10.607
@Ramhound I wish you had submitted your comment as an answer, I would have upvoted. – Luk – 2012-08-03T06:38:44.497
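An added example, not part of the original post or its comments: a pre-sharing audit that walks the `logonCredentials` nodes of such a file and reports whether each stored password is clear text or carries the header of a Windows DPAPI blob, which is bound to the Windows user or machine that created it. That the non-clear-text value is a DPAPI blob is an assumption the post does not confirm; the function names and the sample file are constructed for illustration.

```python
import base64
import xml.etree.ElementTree as ET

# DPAPI blob header: version 1 (little-endian DWORD) followed by the
# provider GUID {df9d8cd0-1501-11d1-8c7a-00c04fc297eb}.
DPAPI_HEADER = bytes.fromhex("01000000d08c9ddf0115d1118c7a00c04fc297eb")

def classify_password(elem):
    """Classify one <password> element by how its value is stored."""
    text = (elem.text or "").strip()
    if not text:
        return "empty"
    if elem.get("storeAsClearText", "False").lower() == "true":
        return "cleartext"
    try:
        raw = base64.b64decode(text, validate=True)
    except ValueError:  # binascii.Error is a ValueError subclass
        return "unrecognized"
    # Assumption: anything else worth trusting starts with the DPAPI header.
    return "dpapi" if raw.startswith(DPAPI_HEADER) else "unrecognized"

def audit(xml_text):
    """Return (userName, domain, classification) per logonCredentials node."""
    root = ET.fromstring(xml_text)
    findings = []
    for cred in root.iter("logonCredentials"):
        pw = cred.find("password")
        kind = "none" if pw is None else classify_password(pw)
        findings.append(
            (cred.findtext("userName", ""), cred.findtext("domain", ""), kind))
    return findings

# Constructed sample: header plus dummy bytes, not a real protected secret.
SAMPLE_BLOB = base64.b64encode(DPAPI_HEADER + b"\x00" * 32).decode()
SAMPLE = f"""<file>
  <logonCredentials inherit="None">
    <userName>USER</userName><domain>DOMAIN</domain>
    <password storeAsClearText="False">{SAMPLE_BLOB}</password>
  </logonCredentials>
  <logonCredentials inherit="None">
    <userName>svc</userName><domain>DOMAIN</domain>
    <password storeAsClearText="True">constructed-example</password>
  </logonCredentials>
</file>"""

if __name__ == "__main__":
    for user, domain, kind in audit(SAMPLE):
        print(f"{domain}\\{user}: {kind}")
```

Entries reported as `cleartext` or `unrecognized` are the ones to review before the file leaves the machine it was created on.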