RDP Windows Defender Credential Guard Blocks Connection: How to Fix

Have you ever come across the error message "Windows Defender Credential Guard does not allow using saved credentials" while using RDP? If so, there's no need to fret. This article provides two solutions to resolve this issue.


By Ellie / Updated on June 7, 2024

Share this: instagram reddit

Windows Defender Credential Guard does not allow using saved credentials


After Windows updates, there is occurred saved credentials problem, RDP always asks password, cannot be saved. The error message 'Windows Defender Credential Guard does not allow using saved credentials' keeps appearing. How to solve this issue?”

- Question from Stack Overflow

Windows Defender Credential Guard

What is Windows Defender Credential Guard?

Remote Desktop Protocol (RDP) is a popular solution for remote access to systems. However, with great convenience comes great risk, and securing RDP connections is crucial. This is where Windows Defender Credential Guard steps in.

RDP Windows Defender Credential Guard is a security feature available in Windows 10 and later versions. It significantly enhances RDP security by isolating user credentials in a secure environment that is difficult for attackers to penetrate. This isolation helps prevent pass-the-hash and pass-the-ticket attacks, where attackers use stolen credentials to gain unauthorized access to systems.

When Credential Guard is activated, RDP connections won't accept passwords saved on Windows. Attempting to connect to a host via RDP triggers the message "Windows Defender Credential Guard does not allow using saved credentials" and prompts you to enter user credentials manually. To resolve this, you'll need to disable Windows Defender Credential Guard.

How to fix RDP Windows Defender Credential Guard block connection [2 solutions]

Here are two solutions to disable Windows Defender Credential Guard for RDP and resolve the "Windows Defender Credential Guard does not allow using saved credentials" error.

Solution 1. Edit group policy

Step 1. Begin by accessing the Local Group Policy Editor (gpedit.msc).

Run Box gpedit.msc

Step 2. Navigate to Computer Configuration > Administrative Templates > System > Device Guard > Turn on Virtualization Based Security.

Turn on Virtualization Based Security

Step 3. Within the "Credential Guard Configuration" segment, adjust the dropdown selection to "Disabled".

Disable Credential Guard Configuration

Solution 2. Edit Registry

Step 1. Commence by launching the Registry Editor (regedit).

Run Box Regedit

Step 2. Proceed to navigate to the following path: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa.


Step 3. Introduce a fresh DWORD value labeled "LsaCfgFlags" and adjust its value to "0" to deactivate it.


Step 4. Conclude by shutting down the Registry Editor and rebooting the system.

AnyViewer: Secure remote access software

In today's world, ensuring secure and reliable remote access to systems and files is essential. AnyViewer stands out as an exceptional choice for secure remote access software. It offers a wide range of benefits, making it an ideal solution for both individuals and organizations. With robust security features, AnyViewer ensures that users can access their systems and files remotely with confidence. Whether you're managing personal files or overseeing a business network, AnyViewer provides the reliability and security needed to meet modern remote access demands.

Main Page

Security measures of AnyViewer

AnyViewer places a high priority on security with robust measures, which include:

  • Industry-leading end-to-end encryption: AnyViewer utilizes state-of-the-art asymmetric ECC 256-bit end-to-end encryption, ensuring top-notch security.
  • Two-factor authentication (TFA) for accounts: Enhance account security with TFA, requiring confirmation of logins from new devices via email if enabled.
  • Monitoring via screen walls: Easily monitor multiple device screens simultaneously with the screen wall feature, facilitating the detection of any unusual activity.
  • User role permissions management: Empower your team to create their own AnyViewer accounts and assign them roles and permissions, ensuring appropriate access levels for everyone.
  • Continuous updates: AnyViewer regularly releases new versions to proactively address potential threats and maintain up-to-date security.

Steps for secure remote access using AnyViewer

Here are the steps for securely accessing another computer using AnyViewer:

Download Freeware Win PCs & Servers
Secure Download

Step 1. Download and install AnyViewer on both your local and remote devices. Create an AnyViewer account and log in on both machines.

Free Editions

Step 2. Once installed, on your local device, choose the remote machine you wish to access and activate unattended remote access by clicking on "One-click control".


Step 3. With the setup complete, you now can manipulate the mouse and keyboard functions of the remote device.

The bottom line

In conclusion, addressing the RDP "Windows Defender Credential Guard does not allow using saved credentials" error involves either editing group policy settings or modifying the Windows registry. By disabling Windows Defender Credential Guard for RDP, users can resolve the issue and regain seamless remote access.

Additionally, for enhanced security and reliability, consider using AnyViewer. With features like end-to-end encryption, two-factor authentication, and user role management, AnyViewer offers a robust solution for secure remote access, making it an ideal choice for individuals and organizations in the era of remote work.