For every connection made to a remote PC, the RDP client in Windows (mstsc.exe) saves the computer name or an IP Address and also the username used to log on.
When the RDP client is launched again, the RDP client offers the user the possibility to select one of the connections that were previously initiated. The user can select the name of the remote RDP server from the list (name or IP address), and the user name used for login as shown below.
This is pretty nice and saves user time in executing remote connections but not exactly safe from network security point of view since connection information about remote desktop sessions is stored individually in the profile of each user and can be viewed by any user who logs on.
Below are the steps to clear the history of Remote Desktop connection and credentials saved.
Fire up the registry editor as shown here https://techdirectarchive.com/2020/02/08/what-is-registry-editor-and-how-to-access-the-registry-hives/
Navigate to the following keys
– Terminal Server Client
Note: If you do not have an RDP connection made, you may not find this key in the registry.
Under this key, we have the sub-key following (the two below are only relevant to us)
Below is a brief explanation of the following keys
Default: the “Default” sub-key saves the last RDP connections.
MUR means, most recently used!
To delete these entries, select all the strings and
– Right-click and
– Click on delete as shown below
This will prompt a “Confirm Value Delete” Window as shown below
– Select Yes if you wish to delete the history “MRU”.
See how to remove saved RDP credentials in Windows 10