Security

How AdvDesk protects your sessions.

Incoming-connection prompt

By default the host sees a popup for every incoming connection — nothing happens until you click Accept. Disable only on machines you fully trust.

Permanent password (unattended)

For headless servers, set a permanent password from the host menu. Pick a strong one — it never rotates automatically.

Account 2FA

Enable TOTP-based 2FA from /account/2fa. Compatible with Google Authenticator, 1Password, Authy, and any RFC 6238 app. Backup codes are issued at setup.

Audit log

Every session start/end is logged in your dashboard with timestamp, peer ID, and bytes transferred.

Encryption

All connections are TLS 1.2+ end-to-end through the relay. The relay never sees your screen content — the payload is end-to-end encrypted between host and viewer.