We all want to be safe on the internet. As the provider of remote access software, we have the responsibility to keep our user’s data secure. So today, on Safer Internet Day, we want to answer this question:
What makes AnyDesk secure?
Encryption protects your computer from unauthorized access. We use TLS 1.2, a protocol that is also used in online banking. In addition to that, we use 2048bit RSA or 256bit Elliptic curve DH asymmetric key exchange and AEAD to verify every connection.
The connection itself – the invisible thread between you and the remote device – is therefore wrapped in multiple layers of security.
But there’s more: If AnyDesk detects a modification to the connection signal, it is dropped immediately for security reasons. Renegotiation is a priori disallowed, leaving no room for MITM-type attacks.
The current encryption mode, verification status, and client fingerprint can be viewed during the established session by hovering the mouse over the lock icon in the status bar.
You have a plethora of options within a session. On the remote side, you can choose what permissions you want to grant, whether it’s about transmitting sound or letting the incoming user control your mouse and keyboard. You can also grant additional permissions in the settings security tab. For example: Do you trust the incoming user enough to let them restart your computer?
If you don’t want to get session requests, simply disallow interactive access or set a password for unattended access, meaning only someone who has your password can access the device. And you don’t worry about the password! We don’t save them and use salted password hashing instead. This allows you to tailor the level of security to your specific needs.
You can exclude your device from being discovered and disable auto-updates. By whitelisting trusted desks on the Access Control List, you can make sure that only selected people can request and establish a connection with you – everyone else will simply be blocked.
For my.anydesk.com, we provide the option of two-factor-authentication as an extra security layer, meaning besides your password you need an authentication app to log in. Just make sure you save or print out the recovery key!
If no direct connection is established, your data usually runs over our servers at AnyDesk, complete with the aforementioned encryption of course. An extra option for security would be to use your own servers, On-Premise, ensuring your data remains within a sealed network. If operating within a sealed network (DMZ) is important to you, AnyDesk Enterprise is the solution for you to work.
Finally, but most importantly, we need to spread awareness. In order to ensure a safe remote session, we constantly remind you not to share personal information with people you don’t know. We use social media, our blog, and all other means of communication to keep users informed about online security topics and to keep them safe. If you ever encounter a scammer trying to use AnyDesk, we urge you to report it to us so we can block them.
We do our best to keep you safe. To learn more on how not to get tricked by scammers into granting them access to your data, check out our blog article about social engineering .