How to Change RDP Password in Windows

Remote Desktop Protocol (RDP) is a Microsoft client-server protocol that lets you remotely connect and control a computer via a network and is extensively used for remote working, server administration, and accessing files or applications from a remote machine. RDP is built into Windows directly and used in both personal and enterprise environments.

Ultimately, it is important to know how to change RDP password in order to keep your remote desktop secure. An outdated or weak password can leave your machine exposed to unauthorized access and data theft as well as a potential network breach. Regularly changing the RDP password keeps your remote connections safe from unauthorized logins or brute-force attacks.

This article explains how to change RDP password in Windows 10, Windows 11, and Windows Server with a few different secure options. It includes a number of different RDP change password options – from local changes, remote changes, and server-side changes – so that you can feel confident your Windows password change process is secure and successful.

Understanding RDP and Why Password Security Matters

Remote Desktop Protocol (RDP) is a Microsoft developed client-server protocol that helps you connect and operate on a computer remotely across a network. RDP is utilized for remote working, remote server administration, as well as using files or applications from a remote machine. RDP is built into Windows directly and used in both personal and enterprise use cases.

Pre-Requisites Before Changing RDP Password

Remote Desktop Protocol (RDP) is a client-server protocol provided by Microsoft. Most Windows computers have RDP enabled, so RDP can be used in conjunction with other tools, such as VPN, to facilitate remote desktop sessions to a workstation or server. RDP is used for remote working, remote server administration, or access to files or applications on a remote computer. Because RDP is built into Windows operating systems, it is utilized by personal and business use cases.

First of all, if you are serious about securing your remote desktop, you should understand how to change RDP password. Because if you give access to your machine with an old password or weak password, you may be allowing unauthorized access to your machine, data or other network breaches. To secure your remote connections from unauthorized login or brute-force attacks, learn to change your RDP password frequently.

Methods to Change RDP Password in Windows

Method 1 – Change RDP Password from Windows Settings (Windows 10 & 11)

If you are changing the Windows password when your RDP login uses a local Windows account, the RDP credentials will update automatically. This method is available in Windows 10 and Windows 11, and is the easiest option to use when you have access to the system directly, or are connected via an active remote desktop session.

To begin, access the windows Settings panel. You can do this quickly by pressing Windows + I on your keyboard to launch the Settings window. In Windows 11, select Accounts from the menu on the left. If you are using Windows 10, click Accounts from the main settings page. This section has all options that relate to user accounts and login preferences:

Inside the Accounts section, select the manage another account option and then select that account you are currently using:

After that select the option of changing the password:

The system will prompt you to verify your identity by entering your current password. After confirmation, type in your new password, re-enter it to confirm, and add a password hint if required: 

Click on the Change password option to apply the change.

Once your password change is complete, your old password for your Windows account is instantly replaced with the new password, and you will use this password the next time you log into the remote system using Remote Desktop Connection (RDP). If you fail to remember the new password, then you will have challenges establishing a connection to the Remote Desktop.

Method 2 – Change RDP Password via Ctrl + Alt + Del Command

When you are connected to a computer session via Remote Desktop, you will have access to the same security screen for the computer. You will have to use the Ctrl + Alt + Del command. This command will bring up the Windows security options for the remote system where you will be able to change your password, without having the requirement to log out of the session:

After you select the change password, the system will prompt you to enter your current RDP login password, which will have to be verified. You will then enter your new password, confirm the new password by re-entering, and then hit Enter on the keyboard to save the changes:

The update will take effect immediately, meaning that when you log in to the remote Desktop of the computer next time, you will be required to use the new credentials. This process is especially useful when you are working in a remote system and are wanting to change your RDP credentials using this method without having to log out of your session or using some other method.

Method 3 – Using Command Prompt or PowerShell

If command-line tools are more your style, or if you need to quickly change an RDP password, Command Prompt and PowerShell provide easy-to-use options for changing the password for a user account. These tools are especially useful for system administrators or if you don’t have access to a graphical user interface. When changing the password through Command Prompt or PowerShell, any RDP credentials associated/linked to that account will also be updated automatically.

Changing the Password with Command Prompt

To begin, we will launch Command Prompt with administrator rights. To do this, type “cmd” into the search in the Start menu, right-click on the Command Prompt result, and click on Run as administrator. In the Command Prompt window that opens, type the command below. Make sure to replace username with the name of the account and newpassword with your desired new password:

net user username newpassword

Press Enter, and if the command runs successfully, the password will be updated immediately.

Changing the Password with PowerShell

PowerShell provides a modern alternative for the same task. Open PowerShell as an administrator and enter the command below, again replacing the placeholders with the actual username and password:

Set-LocalUser -Name "username" -Password (ConvertTo-SecureString "newpassword" -AsPlainText -Force)

After execution, the change takes effect instantly, and you can use the new password for your next remote desktop login. This method is efficient for both individual updates and bulk password changes across multiple systems.

Additional RDP Security Tips After Changing Password

Changing your RDP password is a crucial step, but it should be done along with other protective strategies to adequately create a secure remote desktop environment. These other strategies will continue to help strengthen security, even if you leak your login credentials and they are compromised.

Limit RDP Access by IP Address

Limit RDP connections to specific IP addresses is a very valuable practice when setting up your remote environment. Essentially, to simply prevent devices we do not recognize from trying to log in to your remote desktop, you can limit RDP connections to specific IP address. In general, you can do it through Windows Firewall, or through the settings on your router by establishing inbound rules based on IP address ranges that are only allowed to connect to your RDP connection.

Use Network Level Authentication (NLA)

Enabling Network Level Authentication adds another layer of security as a user will need to authenticate before being connected to a remote desktop session. An authenticated account will have limited resource overhead before establishing the remote session, meaning that NLA relies less on the operating system resources, thus lowering the possibility of denial of service attacks. Using NLA means that only authenticated acounts can be placed at the login screen. NLA is only available with Windows and Windows Server editions that use an RDP host.

Keep Windows Updated

Systemically applying Windows Updates (Patch Management process) will keep the OS up-to-date with security patches. Commonly updates provide patches for vulnerabilities related to bypassing authentication and compromising RDP sessions. It is always recommended to enable automatic updates to avoid invoking older patches and insecure applications.

Use RDP Over VPN

Routing RDP connections through a Virtual Private Network (VPN) wrapped with encryption ensures that the RDP port is not exposed to the public internet. This will complicate your system being ‘discovered’ by attackers. Additionally, using a VPN limits access through the requirement that first authorizes an individual over a secure private network before the individual’s remote desktop service gets established.

Conclusion

Changing your RDP password is not simply a procedural task. It is the first step in securing remote access to your Windows systems. In this article we discussed a number of ways to change your RDP password in Windows, so that your remote desktop access can remain secure and protected.

We started with Windows Settings which is the best way for local accounts in Windows 10 and Windows 11. Then we covered the Ctrl + Alt + Del command which can be done while in an RDP session permitting you to change your password without logging off. Then we shared the Command Prompt and PowerShell for advanced users which provide quick, scriptable ways to change your password. Last we showed the RDP password change on Windows Server via either Server Manager or Active Directory tools.

FAQ