Prevent Remote Desktop Client from defaulting to Windows Hello for authentication

Eric Wightman 60 Reputation points
2023-01-25T18:38:18.8133333+00:00

Windows 10 computers that are enrolled into Azure AD / Intune are setup to use Window Hello for Business so users can log in using PINs or biometric devices (i.e. fingerprint or facial recognition).

When the user then try to use the Remote Desktop Client to access Remote Desktop Servers, the RDP client is defaulting to asking the user to login using PIN or their biometric device, which won't work as the Remote Desktop Servers are not configured to accept this. They then have to click on the option to log on as another user were they can then enter in a username and password. As they have to do this every time, it is very frustrating for them.

Is there a way to prevent the Remote Desktop Client from defaulting to using the PIN or biometric devices to log in, and instead make it default to a using a traditional username and password **without **having to do any of the following:

  1. Setup the Remote Desktop Servers to work with PINS
  2. Disable Windows Hello for Business on the Windows 10 computers
  3. Get the user to sign in on Windows using username and password instead PIN or biometric device
Remote Desktop
Remote Desktop
A Microsoft app that connects remotely to computers and to virtual apps and desktops.
4,612 questions
{count} votes

6 answers

Sort by: Most helpful
  1. Philipp Kahler 55 Reputation points
    2023-01-31T15:50:18.7433333+00:00

    Can you try prepending .\ to the user name in the RDP window under general? So e.g. .\user@company.com

    4 people found this answer helpful.
    0 comments No comments

  2. Eleven Yu (Shanghai Wicresoft Co,.Ltd.) 10,761 Reputation points Microsoft Vendor
    2023-01-27T02:56:27.97+00:00

    How about below settings?
    Uncheck "Smart cards or Windows Hello for Business"
    User's image

    1 person found this answer helpful.

  3. Limitless Technology 44,411 Reputation points
    2023-01-26T16:23:08.03+00:00

    Hi. Thank you for your question and reaching out. I’d be more than happy to help you with your query.

    You can prevent the Remote Desktop Client from defaulting to Windows Hello for authentication by disabling the feature in the Remote Desktop settings. Here are the steps to do so:

    1. Open the Remote Desktop Connection client.
    2. Click on the "Show Options" button at the bottom of the window.
    3. In the "Advanced" tab, uncheck the box "Use Windows Hello for Business instead of passwords."
    4. Click on "OK" to save the changes.
    5. When prompted to enter your credentials, select "Use a password" and enter your password.

    But alternatively, you can disable Windows Hello for Business altogether, this will prevent the Remote Desktop Client from defaulting to Windows Hello for authentication. By disabling the feature in the Remote Desktop settings or by disabling Windows Hello for Business, it will prevent the Remote Desktop client from defaulting to Windows Hello for authentication.

    If the reply was helpful, please don’t forget to upvote or accept as answer, thank you.


  4. Limitless Technology 44,411 Reputation points
    2023-01-26T16:23:25.37+00:00

    Double post

    0 comments No comments

  5. Eric Wightman 60 Reputation points
    2023-01-26T17:49:04.2933333+00:00

    Screenshot 2023-01-26 122941

    Thank you for the response. Sadly that option is missing from my MSTSC app. I was hoping the answer would be that simple. After posting the question yesterday I kept researching and someone had suggested to enter in the username "Microsoftaccount(email address used for O365 business account) when connecting to a server, this so far has worked out. When it saves, the credentials it removes the "Microsoftaccount" part and allows you to enter a password without jumping through the WH4B hoops.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.