I use Chrome Remote Desktop pretty much every day. However, the thought that someone might be sitting in front of the client machine watching (or worse, hijacking) what I'm doing is a serious concern. Almost prohibitively so.
I found the solution called "curtain mode." It makes Chrome Remote Desktop more like MS-RDP (which only shows the login screen while you are accessing it). Via Google, there are many step-by-step instructions on how to achieve curtain mode. Indeed, one of them is straight from google: https://support.google.com/chrome/a/answer/2799701?hl=en.
In particular, I am concerned with step 2 of this process:
Steps for all Windows installations:
- Using Regedit, set HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\RemoteAccessHostRequireCurtain to 1.
- Enable RDP connections to the machine by unchecking Control Panel\System and Security\System > Remote settings > "Allow connections only from computers running Remote Desktop with Network Level Authentication (recommended)".
The step calls for removing what seems to be a critical security layer around the Microsoft RDP apparatus. I am not entirely sure what it means or the consequences of unchecking the box.
What is "Network Level Authentication" ? Does it make the machine more hackable if removed?