Do not allow passwords to be saved with RD Gateway in Remote Desktop Client
I'm trying to disable the Remember my credentials in the Remote Desktop Client via a Local Group Policy or registry.
But the DisablePasswordSaving setting does not have an effect when a RD Gateway is set. Like cmurphy2266 found out here: https://social.technet.microsoft.com/Forums/windows/en-US/54307f29-f2f6-4145-a63a-57f1e85bbbdd/remote-desktop-disable-password-saving
Is there any other solution?
The clients are Windows 7-8.1 and not domain joined.
Thanks, Kim
Solution 1:
The "Always prompt for password upon connection policy" on the server side can be used as a workaround. Users are asked for a password even if it saved on the client.
Same setting in Log on settings in Remote Desktop Session Host Configuration: https://technet.microsoft.com/en-us/library/cc730945.aspx
Solution 2:
I know this is an old thread but I finally stumbled upon the correct answer that actually solves the problem. Apparently RD-Gateway credentials are stored like any other regular 'network authentication' credential and not as a Remote Desktop credential. So the only way to prevent them from being saved is to prevent all 'network authentication' credentials from being saved which is via the local security policy: "Network Access: Do not allow storage of passwords and credentials for network authentication".
Open gpedit.msc and navigate to: Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options. Open the policy (named above) and set it to enabled. Now the computer will no longer save the RD-Gateway credentials. However, be aware, the "Save Credentials" checkbox will remain and if the user selects it, it will just re-prompt (without error) for the credentials again until they are entered without the checkbox being selected.