About Remote Desktop for Mobiles

About Remote Desktop for Mobiles - Security

Remote Desktop for Mobiles end-to-end encryption protects data transfering between the Client and the Server on remote computer. At establishing a connection, the Server will be opening a new session in which an exchange of data encryption keys for session will be performed. All session data is encrypted by 3DES (Triple DES) algorithm with 128 bits key. The 3DES key is generated by randomly each time at opening a session. This provide an most secure remote access solution.

In addition the Server has an possibility to register all operations in a log file. This mode is enabling by default. The log files are saved into a subdirectory "rdmserv.log" in the Server installation directory (by default "\Program Files\Remote Desktop for Mobiles\rdmserv.log" on a system disk).

Password recommendations:

Note: Please follow these recommendations at a choice of the password for accounts, it will increase security at working with your remote computer.

Longer passwords are more difficult to compromized. The minimum acceptable length for a password is six characters. Eight and more is preferable. The maximum length of password is not limited.

A diverse character set is very important. At a minimum, passwords should contain at least one capital letter (A-Z) and one numeric digit (0-9). Punctuation, foreign, and special characters may also be used, although some phones are incapable of accepting them.

Even if a password is long and has acceptable syntax, it can still be guessed if the attacker is lucky or insightful. Using any part of your account or domain name, or email address is a bad idea. A name, date, or personal data (phone, credit-card, address, names of family, pets, friends, co-workers, fantasy characters, etc.) is equally bad. Any unobfuscated dictionary word is also a poor choice. Ideally passwords would be completely random.

Using the same password for different accounts or services is a bad idea. If an attacker obtains the password for one, the others can easily be compromised as well. Each password should be unique.

The more people who know a password, the less secure that system is. Giving passwords out on a "need to know" basis helps keep things under control. In combination with frequently changing, limiting the number of people who know the password at any given time will greatly reduce unauthorized or unexpected changes from being made in group environments.

Writing passwords down reduces their level of security, and should be avoided if at all possible. Since human memories are finite and fallible, and a forgotten password is both a hassle and a security problem, writing down access information in a secure place should be avoided but is acceptable for most cases if alternatives are not available.