Welcome to the AnyDesk Blog
  Go back to all articles

How to Improve the Security Settings in your AnyDesk Account


We take security very seriously


Any desk uses TLS1.2 based encryption, which is also used in online banking. Both ends of a connection are cryptographically verified. This makes it impossible for a stranger to fake your AnyDesk-ID and pretend to be you. So, if you always check the connecting person’s AnyDesk-ID, you’re on the safe side. Furthermore, you can review the current encryption mode, verification status and client fingerprint by hovering the mouse cursor over the lock icon in the status bar.

All connections use AES-128 bit encryption in GCM mode by default Licensed versions of AnyDesk provide even stronger encryption.

Who can access my computer?

The default settings don’t allow unattended connections to your computer. Connection requests must be accepted from a real person in front of your PC. We call this ”interactive access”. On a fresh AnyDesk installation, you can only let other people in if you have opened your AnyDesk program window. This prevents you from accidentally letting strangers in.

If you need to access your PC without someone letting you in, go to the security panel in the options dialog. You can set a password for unattended access there.

But please be very careful when handing out your password or allowing a connection to your machine. Always double-check when a third party contacts you and requests your AnyDesk Address. We from AnyDesk will never ask for your ID or password and legitimate support companies will never cold-call you. In case you are seeking the help of a PC repair service, please make sure you know the vendor.

Improving your AnyDesk Password


Make sure your password is very secure. Anyone who knows the password and your AnyDesk ID has full access to your computer. 
Our tips:

  • The best and most secure passwords are long, unique and random. (But if your password is long, you can spare a lot of weird characters that are hard to remember.) A password with more than 12 characters is highly recommended.
  • Never use the same password across different online services, applications and accounts: if one of them is compromised, they all are.
  • We also suggest that you change your password regularly.
  • You can use a password manager to make this more convenient and ensure the highest level of security.
    Take a look at this useful video where Edward Snowden talks about password security.

Checking my latest connection attempts


AnyDesk keeps a local record of all connection attempts to your machine. To view the connection log, go to the about tab in the main Menu and click the link “View connection trace”. A new window will open, showing a text file with all connection events. The format of the table is as follows:

  • Direction of the connection (currently always “Incoming”)
  • Date and time
  • The method of authentication: User, Token (explained in the next paragraph), or Password
    Information about the AnyDesk user who made the connection
    If you have a Professional license, you can view your PCs complete connection history (incoming and outgoing) at my.anydesk.com

Connections without password


If a password is set on the remote computer, you can choose to log in automatically. Just connect and wait for the password dialog to appear:

Check “Log in automatically from now on” and enter the correct password. You will not be asked for the password anymore for future connections to the same machine.
This feature does not save the password itself. Instead, if the password was entered correctly, the remote machine generates a specific token. This token is like a special key that can only be used by a single AnyDesk client. This means that there is no way to retrieve the password in clear text, even if someone has full access to your computer.

If you would like to revoke the permission to connect to your PC, you have two options:
1. Change the password. Even changing the password to the same password again invalidates all tokens. This is useful if you entered your password on another computer, but the user there does not know the actual password. 
2. Press the “Clear all tokens” button.
You can disable this feature entirely by checking the option in the security tab. Please Note: The already existing tokens will not be cleared by doing this, but no new tokens can be generated anymore.

What comes next in terms of security?


We are planning to bring you more security features that will allow you more detailed control on who can access which computer. Here’s what’s on our roadmap:

  • Multiple Passwords: If you want to grant access to your computer to various people, you might want to give them each their individual passwords. This way, you can revoke access for a single person without having to change everybody else’s password.
  • Access Whitelist: It will be possible to set a whitelist of AnyDesk-Addresses for a computer. If the whitelist is active, only a pre-defined group of people will be able to connect.
  • Two-factor Authentication: We are also planning to offer 2FA to Professional and Enterprise customers. If this feature is activated for a computer, every connection requires solving a challenge that only authorized people can do. For example, because they possess a mobile phone that will generate an access code.

AnyDesk Enterprise


If you need the highest level of security, we recommend you ask our sales team about ”AnyDesk Enterprise”. This is our self-hosted version of AnyDesk which allows customers to run their own isolated AnyDesk network. It also works in LANs/Intranets without WAN access.

Archives

Sign up for news, tips and more