From a website:
To enhance the security of a Remote Desktop session over the Internet,
you should prevent automatic password passing. To do this, you can
enable the Always prompt client for password upon connection in the
Terminal Services Group Policy setting. When this setting is enabled,
you must supply your password in the Windows Logon dialog box whenever
you start a Remote Desktop session.
To access Terminal Services Group Policy
Click Start > Run, type mmc in the Open: box, and click OK
On the File menu, click Add/Remove Snap-in
In the Add/Remove Snap-in dialog box, click Add
In the Add Standalone Snap-in dialog box, click Group Policy, click
Add, and then click Finish
Click Close in the Add Standalone Snap-in dialog box, and click OK in
the Add/Remove Snap-in dialog box
In the Console Root pane, double-click Computer Configuration >
Administrative Templates > Windows Components > Terminal Services
The Always prompt client for password upon connection policy is under
Encryption and Security
You can further enhance security by using the settings under
Client/Server data redirection here you can disable:
Clipboard redirection
Smart card device redirection
COM port redirection
Client printer redirection
LPT port redirection
Drive redirection
Audio redirection
Jeffrey Randow (Windows Networking & Smart Display MVP)
(e-mail address removed)
Please post all responses to the newsgroups for the benefit
of all USENET users. Messages sent via email may or may not
be answered depending on time availability....
Remote Networking Technology Support Site -
http://www.remotenetworktechnology.com
Windows XP Expert Zone -
http://www.microsoft.com/windowsxp/expertzone