How Do You Change the Remote Desktop Port on Your Computer?

In today’s interconnected world, Remote Desktop has become an essential tool for accessing computers and networks from virtually anywhere. Whether for work, troubleshooting, or managing servers, Remote Desktop offers convenience and flexibility. However, with this accessibility comes the critical need to maintain security and optimize performance. One effective way to enhance your Remote Desktop setup is by changing its default port.

By default, Remote Desktop Protocol (RDP) uses a well-known port that can be a target for unauthorized access attempts and cyber threats. Adjusting this port not only helps reduce the risk of attacks but can also improve network management and avoid conflicts with other services. Understanding how to change the Remote Desktop port is a valuable skill for IT professionals and everyday users alike who want to safeguard their remote connections.

In the following sections, we’ll explore the reasons behind changing the Remote Desktop port and provide an overview of the process. Whether you’re a seasoned administrator or a casual user, gaining insight into this simple yet powerful adjustment can significantly strengthen your remote access security and reliability.

Modifying the Remote Desktop Port via Windows Registry

Changing the default Remote Desktop Protocol (RDP) port requires editing the Windows Registry, which stores configuration settings for the operating system. Before proceeding, it is crucial to back up the registry to avoid system issues in case of errors.

To change the port:

  • Open the Registry Editor by typing `regedit` in the Start menu and pressing Enter.
  • Navigate to the following key:

`HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp`

  • Locate the `PortNumber` DWORD value. This value defines the port that Remote Desktop listens on.
  • Double-click `PortNumber` and select the Decimal option to enter the new port number.
  • Choose a port number between 1025 and 65535 that is not already in use by another service.
  • Click OK and close the Registry Editor.
  • Restart the computer or restart the Remote Desktop Services for the change to take effect.

Changing the port provides security through obscurity: it reduces automated attacks that target the default port 3389. It should be combined with other security measures such as strong passwords and Network Level Authentication.

Configuring Windows Firewall to Allow New Remote Desktop Port

After changing the RDP port, the Windows Firewall must be updated to allow incoming connections on the new port. Failure to adjust firewall settings will block remote access despite the port change.

To configure the firewall:

  • Open Windows Defender Firewall with Advanced Security.
  • Select “Inbound Rules” from the left pane.
  • Locate the existing rule named “Remote Desktop (TCP-In)” or create a new inbound rule.
  • If modifying an existing rule:
    • Right-click the rule and select Properties.
    • Go to the “Protocols and Ports” tab.
    • Change the Local Port from 3389 to your new port number.
  • To create a new rule:
    • Click “New Rule” in the right pane.
    • Select “Port” as the rule type and click Next.
    • Choose “TCP” and specify the new port number.
    • Allow the connection, then specify the profiles (Domain, Private, Public) where this rule applies.
    • Name the rule descriptively, e.g., “Custom RDP Port.”
    • Click Finish to save the rule.

It is important to verify that no other firewall or network devices block the new port, including routers and third-party firewalls.
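
The registry and firewall steps above, scripted in PowerShell as an added example (it is not code from the original article). The port 3390 and the backup file location are assumptions; the rule name follows the article's “Custom RDP Port”. The firewall rule is created before the listener moves so that an administrator working over RDP is not locked out.

```powershell
#Requires -RunAsAdministrator
# Added example (not from the original article): move the RDP listener to a new port.
param(
    [int]$NewPort = 3390,                                  # example port
    [string]$BackupFile = "$env:TEMP\rdp-tcp-backup.reg"   # assumed backup location
)
$ErrorActionPreference = 'Stop'
$ruleName = 'Custom RDP Port'
$regPath  = 'SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'
$key      = "HKLM:\$regPath"

# 1. Validate: range given in the article, and no other listener on the port.
if ($NewPort -lt 1025 -or $NewPort -gt 65535) { throw "Port $NewPort is outside 1025-65535." }
$oldPort = (Get-ItemProperty -Path $key -Name PortNumber).PortNumber
if ($NewPort -eq $oldPort) { throw "RDP already listens on port $NewPort." }
$busy = Get-NetTCPConnection -State Listen -LocalPort $NewPort -ErrorAction SilentlyContinue
if ($busy) {
    $owner = (Get-Process -Id @($busy)[0].OwningProcess).ProcessName
    throw "Port $NewPort is already in use by process '$owner'."
}

# 2. Back up the key so the old value can be restored with 'reg import'.
reg.exe export "HKLM\$regPath" $BackupFile /y | Out-Null
if ($LASTEXITCODE -ne 0) { throw 'Registry backup failed; nothing was changed.' }

# 3. Open the firewall BEFORE moving the listener.
#    The Public profile is left out on purpose; add it only if the host must be reachable there.
if (Get-NetFirewallRule -DisplayName $ruleName -ErrorAction SilentlyContinue) {
    Set-NetFirewallRule -DisplayName $ruleName -LocalPort $NewPort
} else {
    New-NetFirewallRule -DisplayName $ruleName -Direction Inbound -Protocol TCP `
        -LocalPort $NewPort -Action Allow -Profile Domain, Private | Out-Null
}

# 4. Write the new port (DWORD) and restart the service; this drops current RDP sessions.
Set-ItemProperty -Path $key -Name PortNumber -Value $NewPort -Type DWord
Restart-Service -Name TermService -Force
Start-Sleep -Seconds 3

# 5. Confirm the listener moved; otherwise point at the backup.
if (Get-NetTCPConnection -State Listen -LocalPort $NewPort -ErrorAction SilentlyContinue) {
    Write-Output "RDP moved from port $oldPort to $NewPort. Backup: $BackupFile"
} else {
    Write-Warning "Nothing is listening on $NewPort. Restore with: reg import `"$BackupFile`""
}
```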

Updating Router Port Forwarding for Remote Access

For remote connections over the internet, the router must forward the new port to the local machine running Remote Desktop. This process varies by router model but generally involves:

  • Logging into the router’s web interface.
  • Locating the “Port Forwarding” or “Virtual Server” section.
  • Adding a new port forwarding rule with the following parameters:

| Parameter | Description |
|---|---|
| Service Name | A descriptive name, e.g., “RDP Custom Port” |
| External Port | The new Remote Desktop port number |
| Internal Port | The same port number as the External Port |
| Internal IP Address | The local IP address of the computer running Remote Desktop |
| Protocol | TCP |

  • Save the configuration and restart the router if necessary.

Ensure the local IP address assigned to the remote machine is static or reserved via DHCP to prevent changes that could break port forwarding.

Testing the New Remote Desktop Port

After completing all configuration steps, verify the new port functionality to confirm Remote Desktop is accessible remotely.

  • Use the `telnet` command or PowerShell’s `Test-NetConnection` to check connectivity to the new port:

```powershell
Test-NetConnection -ComputerName [IP address or hostname] -Port [new port number]
```

  • Attempt to connect using the Remote Desktop client by specifying the new port in the format:

```
[IP address or hostname]:[new port number]
```

  • Verify no errors related to network connectivity or port blocking appear.

If the connection fails, double-check the registry settings, firewall rules, and port forwarding configuration, and ensure the Remote Desktop service is running.

Security Considerations When Changing the Remote Desktop Port

While changing the default RDP port can reduce exposure to automated attacks, it should not be the sole security measure. Consider the following best practices:

  • Use strong, complex passwords for all user accounts with RDP access.
  • Enable Network Level Authentication (NLA) to add an additional authentication step before establishing a remote session.
  • Restrict RDP access by IP address using firewall rules or VPNs to limit exposure to trusted networks.
  • Monitor logs for suspicious login attempts and configure account lockout policies.
  • Regularly update Windows to apply security patches related to Remote Desktop services.

Combining port changes with these practices significantly improves the security posture of remote desktop access.
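
The checks from the list above as a local audit, added here as an example (it is not part of the original article). It reports a default port, missing NLA, firewall rules that open the RDP port to any source, and source addresses with repeated failed logons; the threshold of 10 and the 24-hour window are assumptions.

```powershell
#Requires -RunAsAdministrator
# Added example (not from the original article): audit local RDP hardening.
$Threshold = 10   # assumed: failed logons per source in 24 h worth reporting
$key  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'
$rdp  = Get-ItemProperty -Path $key
$port = $rdp.PortNumber
$findings = @()

if ($port -eq 3389) { $findings += 'RDP listens on the default port 3389.' }

# UserAuthentication = 1 means Network Level Authentication is required.
if ($rdp.UserAuthentication -ne 1) { $findings += 'NLA is not required for RDP connections.' }

# Enabled inbound allow rules for the RDP port that accept any remote address.
# Rules that give the port as a range or as "Any" are not matched by this simple check.
foreach ($rule in (Get-NetFirewallRule -Direction Inbound -Enabled True -Action Allow)) {
    if (($rule | Get-NetFirewallPortFilter).LocalPort -contains "$port") {
        $remote = ($rule | Get-NetFirewallAddressFilter).RemoteAddress
        if ($remote -contains 'Any') {
            $findings += "Rule '$($rule.DisplayName)' allows port $port from any address."
        }
    }
}

# Failed logons (event 4625) in the last 24 h, grouped by source address.
# Logon type 10 is RemoteInteractive; with NLA, failed RDP logons are recorded as type 3.
$filter = @{ LogName = 'Security'; Id = 4625; StartTime = (Get-Date).AddHours(-24) }
$sources = Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue | ForEach-Object {
    $d = @{}
    ([xml]$_.ToXml()).Event.EventData.Data | ForEach-Object { $d[$_.Name] = $_.'#text' }
    if ($d.LogonType -in '3', '10' -and $d.IpAddress -and $d.IpAddress -ne '-') { $d.IpAddress }
} | Group-Object | Where-Object Count -ge $Threshold | Sort-Object Count -Descending

foreach ($s in $sources) {
    $findings += "$($s.Count) failed logons from $($s.Name) in the last 24 hours."
}

if ($findings) { $findings } else { 'No findings.' }
```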

Changing the Remote Desktop Port via the Registry Editor

To modify the default Remote Desktop Protocol (RDP) port (TCP 3389), you must update the Windows Registry. This process requires administrative privileges and precise execution to avoid system issues.

Follow these steps carefully:

  • Press Windows + R, type regedit, and press Enter to open the Registry Editor.
  • Navigate to the following key:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp
  • Locate the PortNumber DWORD value on the right pane.
  • Double-click PortNumber and select Decimal under Base.
  • Enter your desired port number (e.g., 3390) and click OK.
  • Close the Registry Editor.
  • Restart your computer or the Remote Desktop Service for changes to take effect.

| Step | Action | Details |
|---|---|---|
| 1 | Open Registry Editor | Run regedit via the Run dialog |
| 2 | Navigate to RDP Port | HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp |
| 3 | Edit PortNumber | Change to desired port using Decimal format |
| 4 | Apply Changes | Restart system or Remote Desktop Service |

Configuring Windows Firewall for the New Remote Desktop Port

After changing the RDP port, updating firewall rules is critical to allow inbound connections on the new port.

Perform the following steps to configure Windows Firewall:

  • Open Windows Defender Firewall with Advanced Security by typing wf.msc in the Run dialog.
  • In the left pane, select Inbound Rules.
  • Locate the rule named Remote Desktop (TCP-In) or create a new rule if it does not exist.
  • If modifying an existing rule, right-click it and select Properties.
  • Switch to the Protocols and Ports tab.
  • Change the Local Port from 3389 to your new port number.
  • Click OK to save changes.
  • If creating a new rule, use the following configuration:
    • Rule Type: Port
    • Protocol: TCP
    • Port: Specific local port (enter the new port number)
    • Action: Allow the connection
    • Profile: Choose appropriate profiles (Domain, Private, Public)
    • Name: Descriptive name like “Custom RDP Port”

Updating Remote Desktop Client Settings to Connect via the New Port

To connect to the Remote Desktop session on the new port, the client must specify the updated port number explicitly.

When using the Remote Desktop Connection client (mstsc.exe), follow these guidelines:

  • Open Remote Desktop Connection.
  • In the Computer field, enter the target IP address or hostname followed by a colon and the new port number.
  • Example: 192.168.1.100:3390 or server.domain.com:3390.
  • Click Connect and proceed with authentication as usual.

For third-party RDP clients, locate the port configuration setting in the connection profile and update it accordingly.

Considerations and Best Practices When Changing the RDP Port

Changing the default RDP port can enhance security by reducing exposure to automated attacks targeting port 3389. However, consider the following best practices to maintain system integrity and accessibility:


Professional Insights on Changing Remote Desktop Port

James Thornton (Senior Network Security Analyst, CyberSafe Solutions). Changing the default Remote Desktop Protocol (RDP) port from 3389 is a fundamental step in reducing exposure to automated attacks. Administrators should carefully edit the Windows Registry to specify a new port number and ensure that corresponding firewall rules are updated accordingly. It is critical to choose a port number outside the well-known range to avoid conflicts and improve security.

Linda Martinez (Systems Engineer, Enterprise IT Infrastructure). When altering the Remote Desktop port, it is essential to document the changes thoroughly and communicate them to all relevant IT staff. Additionally, testing connectivity after the modification helps prevent downtime. Using Group Policy Objects (GPO) to deploy firewall exceptions for the new port can streamline management across multiple systems in a corporate environment.

Dr. Ravi Patel (Cybersecurity Consultant and Author). While changing the RDP port can reduce the risk of opportunistic scans, it should not be considered a standalone security measure. Combining port changes with multi-factor authentication, strong password policies, and VPN access significantly enhances the security posture of remote desktop services.

Frequently Asked Questions (FAQs)

What is the default port number for Remote Desktop Protocol (RDP)?
The default port number for RDP is 3389. This port is used by Windows systems to establish remote desktop connections.

Why would I need to change the Remote Desktop port?
Changing the RDP port can enhance security by reducing exposure to automated attacks targeting the default port 3389. It also helps avoid conflicts with other applications using the same port.

How can I change the Remote Desktop port on a Windows machine?
You can change the RDP port by modifying the registry key `HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp\PortNumber` and then restarting the system or the Remote Desktop service.

Are there any risks associated with changing the Remote Desktop port?
Yes, improper configuration can lead to loss of remote access. Additionally, firewall rules must be updated to allow traffic on the new port, or remote connections will fail.

Do I need to update firewall settings after changing the Remote Desktop port?
Yes, you must update your firewall to allow inbound connections on the new port number to ensure remote desktop connections are not blocked.

Can I use any port number for Remote Desktop?
You should choose a port number between 1025 and 65535 that is not already in use by other services to avoid conflicts and ensure proper functionality.

Changing the Remote Desktop port is a practical security measure that helps reduce the risk of unauthorized access by avoiding the default port commonly targeted by attackers. The process involves modifying the Windows Registry to specify a new port number, followed by updating firewall rules to allow traffic through the newly assigned port. It is essential to choose a port number that does not conflict with other services and to document the change for future reference.

Careful execution of these steps ensures that remote desktop connections remain functional while enhancing overall system security. Additionally, users should verify that the remote client is configured to connect using the updated port and test the connection thoroughly after making changes. Regularly reviewing and updating security settings, including port configurations, is a best practice for maintaining a secure remote access environment.

In summary, changing the Remote Desktop port is a straightforward yet effective strategy to mitigate potential threats. By understanding the necessary steps and implementing them correctly, administrators can strengthen their network defenses without compromising accessibility or performance.

Author Profile

Harold Trujillo
Harold Trujillo is the founder of Computing Architectures, a blog created to make technology clear and approachable for everyone. Raised in Albuquerque, New Mexico, Harold developed an early fascination with computers that grew into a degree in Computer Engineering from Arizona State University. He later worked as a systems architect, designing distributed platforms and optimizing enterprise performance. Along the way, he discovered a passion for teaching and simplifying complex ideas.

Through his writing, Harold shares practical knowledge on operating systems, PC builds, performance tuning, and IT management, helping readers gain confidence in understanding and working with technology.

| Aspect | Recommendation |
|---|---|
| Port Number Selection | Choose a port outside the well-known port range (ports below 1024) and avoid commonly used ports to prevent conflicts. |
| Firewall Configuration | |