How to change the default port for Remote Desktop

  • Buffer
  • Buffer

If you like me is a big fan of the Windows feature Remote Desktop, you might find this post interesting. I will tell you how you can change the default port for Remote Desktop making it harder for hackers to attack your computer.

Remote Desktop

What is Remote Desktop?

Remote Desktop is a great built-in service first introduced in Windows XP. It allows users to remote control Windows to perform all kind of tasks. Because it is a built-in feature, it is also a bit target for hackers. As per default the feature is not active and you are also denied access with users with a blank password. The service is listening for traffic on TCP port 3389 and all hackers know that. That is why they will be looking for firewalls that allow connection on that port using all kinds of port scanners. The best solution to avoid attacks will be to require VPN connections to access a computer behind a firewall. If that is not an option you might want to change the port that Remote Desktop is listening on.

Remote Desktop Settings

How to change port for Remote Desktop

To change the listening port for remote desktop you will have to make a small change in Windows using the Registry editor (regedit.exe). You will need to navigate to: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TerminalServer\WinStations\RDP-Tcp\

Edit the value: PortNumber to the new number you want instead of the default 3389 (e.g. 3390)

The next time you restart your computer it will be listening on the new port and only allow connection on that specific port. If you don’t like to make changes to your computer using regedit, Microsoft have made a small Fix It application that can make the changes for you. All you have to do is to enter the new port number you want to use. To download the Fix It tool, just click on the image below.


Notice: If you are running Windows Firewall on the computer you want to connect to you will have to create a new rule allowing TCP inbound traffic on you new custom port.

How to connect to a Remote Desktop using a custom port

In order to tell your remote desktop client to connect to the new custom port you will have to add the port number after the IP address or name you are connecting to. E.g. Per default the RDP client will always try to connect using port 3389.

Remote Desktop Custom Port

I hope that you found this post useful. If you have any questions or something else on your mind please leave me a comment below.


About Thomas

I am an IT Professional that has this blog as a hobby project in my spare time. I have been in the IT business since 1996 and want to share some of the thing I have picked up over the years with people who visit this blog... Connect with me on: Twitter | Google+ | YouTube Subscribe to my Newsletter