Remote Desktop Protocol or just RDP is a special network protocol that allows a user to establish a connection between two computers and access the Desktop of a remote host. For every connection made to a remote PC, the RDP client in Windows (mstsc.exe) saves the computer name or an IP Address and also the username used to log on. See the following guide on how to remove saved RDP credentials in Windows 10. For other topics on RDP, see the following hyperlinks: How to allow saved credentials for RDP connection, how to remove saved RDP credentials entries in Windows 10, How to prevent the saving of Remote Desktop Credentials in Windows, Remote Desktop can not find the computer FQDN and this might mean that FQDN does not belong to the specified network, and how to disconnect a Remote Desktop User.
Information about all RDP (terminal) sessions is stored individually in the registry hive of each user. Only Domain Admins will be able to view the RDP connection history of another user.
When the RDP client has launched again, the RDP client offers the user the possibility to select one of the connections that were previously initiated. The user can select the name of the remote RDP server from the list (name or IP address), and the user name used for login as shown below.
This is pretty nice and saves user time in executing remote connections but not exactly safe from network security point of view since connection information about remote desktop sessions is stored individually in the profile of each user and can be viewed by any user who logs on.
Below are the steps to clear the history of the Remote Desktop connection and credentials saved. Fire up the registry editor as shown in the following link. Navigate to the following keys
- HKEY_CURRENT_USER
- Software
- Microsoft
- Terminal Server Client
Note: If you do not have an RDP connection made, you may not find this key in the registry. Under this key, we have the sub-key following (the two below are only relevant to us)
– Default
– Server
Below is a brief explanation of the following keys: Default: the “Default” sub-key saves the last RDP connections.
MUR means, most recently used! To delete these entries, select all the strings and
– Right-click and
– Click on delete as shown below. This will prompt a “Confirm Value Delete” Window as shown below
– Select Yes if you wish to delete the history “MRU”.
Alternatively, Windows also saves the recent Remote Desktop connections in Jump Lists. If you type mstsc in the Windows 10 or 11 search box, the previously used RDP connections will appear in the list. You can completely disable Windows 10 recent file and location in the Jump list with the registry dword parameter Start_TrackDocs in the reg key.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced (set it to 0), or you can clear the Recent Items lists by deleting files in the directory %AppData%\Microsoft\Windows\Recent\AutomaticDestinations. Click on delete!
I hope you found this blog post helpful. If you have any questions, please let me know in the comment session.