Remote access apps are great for controlling your PC when you’re not sitting in front of it. However, remote access apps are often prime targets for hackers, and a few security adjustments can thwart their attempts.
1 Enable two-factor authentication for remote access apps
Powerful modern computers can crack 7-character passwords in just a few seconds. Using a password tool to create a strong passphrase increases this number exponentially, making it more resistant to brute force attacks.
Unfortunately, having a strong password is no longer enough, as attackers often compromise credentials through other means.
- Convincing phishing email
- Exploiting weaknesses in an app’s password security design (VNC and Windows RDP have been notorious for this in the past)
- Infiltrate servers and steal login information stored in corporate databases
There’s one easy way Don’t be fooled by simple password authentication, or two-factor authentication (2FA). Many remote access solutions, such as TeamViewer, make it easy to enable 2FA. This allows you to send emails or messages to your mobile device and Using the second verification method is much harder to break into than using passwords alone.
2 Update your remote desktop software regularly
Of course, if the software itself is susceptible to abuse, passwords alone won’t stop the attack. Therefore, it is very important to regularly install security updates for remote software.
Things move fast in the tech world, so if your app hasn’t been updated in over a year, you’re in for trouble. If you are still using NoMachine version 8.02 when version 8.14 has already been released, hackers will try the vulnerabilities listed in the old patch notes.
Enable automatic updates for peace of mind, but if that’s not possible, add it to your to-do list as something to check regularly. That’s very important.
3 Restricting remote access with whitelists
But why give bad actors the chance to pick the lock when you can remove the door entirely? Many remote access apps allow you to limit who can connect in the first place.
You might think that unless you’re a celebrity or a tech giant, no one would target your little PC. However, attackers regularly use port scans across IP blocks to look for easy marks. If a remote server is exposed to the wider Internet, it is hidden and therefore not secure.
Thankfully, you can use a whitelist of IP addresses to vet who’s knocking. Remote control apps like AnyDesk let you set which devices you trust, and other remote access apps like Splashtop let you specify which IP addresses to recognize.
If you choose to whitelist via IP address, take precautions to avoid being accidentally locked out.
Client devices may have dynamic IP addresses that change without warning. All of a sudden I was removed from the whitelist and blocked myself. Here are some ways to ensure you can edit your whitelist when you need to.
- Use our handy subnet calculator to specify a wider subnet range that takes into account the locations you typically access, such as your home or office.
- have physical access to the remote computer
- Web access to the provider’s portal (e.g. logmein.com)
4 Connect to VPN before using remote control
If you’re connecting to a remote desktop using a public Wi-Fi access point (or a network that’s not yours), your activity isn’t secure. That’s because your traffic is going through someone else’s hardware.
One solution is to connect to a VPN before starting a remote session. A VPN provides end-to-end encryption; You from eavesdropping. We recommend choosing one from our list of the best VPN services.
There are better solutions for those who self-host a remote access server, such as RealVNC, Windows RDP, or Chrome Remote Desktop. This way, you can take advantage of the VPN’s superior security standards to block outsiders.
Here are the key points on how to set it up:
- Restrict your remote access software to only accept connections from your home network (or the network you use) and deny all other connections.
- Set up your own VPN on your home network using WireGuard, Tailscale, or a service built into your router.
- If you need remote access, connect to a VPN and tunnel to your home network. You should now be able to connect to your remote PC as if you were connecting from your local network.
The downside to using a VPN is that it usually slows down your stream and requires more effort to set up. But there’s a reason it’s the gold standard for remote access to corporate and university networks.
By the way, you are not limited to only one technique. When you combine the security steps above, your remote PC becomes a fortress surrounded by concentric moats.
