Always prompt for password upon connection

Information

This policy setting specifies whether Remote Desktop Services always prompts the client for a password upon connection.
You can use this setting to enforce a password prompt for users logging on to Remote Desktop Services, even if they already provided the password in the Remote Desktop Connection client.
By default, Remote Desktop Services allows users to automatically log on by entering a password in the Remote Desktop Connection client.
If you enable this policy setting, users cannot automatically log on to Remote Desktop Services by supplying their passwords in the Remote Desktop Connection client. They are prompted for a password to log on.
If you disable this policy setting, users can always log on to Remote Desktop Services automatically by supplying their passwords in the Remote Desktop Connection client.
If you do not configure this policy setting, automatic logon is not specified at the Group Policy level.

Solution

Policy Path: Windows Components\Remote Desktop Services\Remote Desktop Session Host\Security
Policy Setting Name: Always prompt for password upon connection

See Also

https://techcommunity.microsoft.com/t5/microsoft-security-baselines/security-baseline-for-windows-10-version-21h2/ba-p/3042703

Item Details

Category: ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

References: 800-53|AC-17(6), 800-53|IA-2, CSCv6|16.14

Plugin: Windows

Control ID: 1ff40c22c1cff2786908f9911f77ef16156f06a6f6a33cbcfa16b99005973515