Skip to content

Windows RDP Issues

How to Access Your Windows VPS via noVNC Console and Secure Your Remote Access

If your Windows VPS account is locked due to too many failed RDP login attempts, and you get a message saying "Your account has been locked" or "As a security precaution, the user account has been locked because there were too many logon attempts or password change attempts. Wait a while before trying again, or contact your system administrator or technical support.", you can regain access using the noVNC Console and/or change your password in the Client Area following these steps.

Security Best Practice

After regaining access, we strongly recommend creating a custom administrator account with a non-default username rather than continuing to use the built-in "Administrator" account. This significantly improves security by preventing automated attacks that target the default Administrator account.

Step 1: Access the Client Area

  1. Log in to your Synapsecom account https://portal.synapsecom.gr.
  2. Go to the Dashboard: https://portal.synapsecom.gr/clientarea.php

Step 2: Open the noVNC Console

  1. In the Your Active Products/Services section, locate your Windows VPS product.
  2. Click on your VPS to open its management page.
  3. Click the noVNC Console icon to open the console window.

Step 3: Log In from the Console

  • You will see the Windows login screen inside the console.
  • Press Ctrl+Alt+Del from the noVNC toolbar.
  • Enter the Administrator username and your password (or your custom admin username if already configured).
  • If you want to change or reset your password, proceed to Step 4, otherwise continue to Step 5.

Step 4: Reset Your Password

Option 1: If you know the current password

  1. Press Ctrl+Alt+Del from the noVNC toolbar.
  2. Enter your current password
  3. Right click on the windows button and click Run or press Windows + R if you logged in through RDP and type compmgmt.msc, press Enter.
  4. Go to: Local Users and Groups → Users
  5. Right-click your user account (either Administrator or your custom admin account) and select Set Password.
  6. Enter a new password and confirm it.

Security Recommendation

After regaining access, continue to Step 8 to learn how to create a new administrator account with a non-default username for improved security.

Option 2: If you do not know the current password

  1. Go to Product Details ( you probably already here since you selected the product)
  2. On the left sidebar under Actions, click Change a password.
  3. Enter your current password
  4. Then set and confirm the new password.

Step 5: Ensure Your Account is Enabled for RDP

Sometimes the account remains locked for RDP connections even after changing the password.

  1. Open Computer Management:
  2. Right click on the windows button and click Run or press Windows + R if you logged in through RDP and type compmgmt.msc, press Enter.
  3. Go to: Local Users and Groups → Users
  4. Double-click the account you want to use for RDP access.
  5. If you're still using the default Administrator account, consider creating a new admin account with a different username (see Step 8).
  6. Ensure:
  7. Account is disabled is unchecked.
  8. Account is locked out is unchecked.
  9. Click OK.

Step 6: Verify Remote Desktop is Enabled

  1. Right click on the windows button and click Run or press Windows + R if you logged in through RDP and type sysdm.cpl, press Enter.
  2. Go to the Remote tab.
  3. Under Remote Desktop, select Allow remote connections to this computer.
  4. Click OK.

Step 7: Reconnect via RDP

  1. Close the noVNC console.
  2. Open your RDP client.
  3. Enter your VPS IP, your admin username (we recommend using a custom admin account, not the default "Administrator"), and your password.
  4. Connect to your VPS.

Securing Remote Access

Continue to Step 8 to learn how to create a custom admin account to significantly enhance your VPS security. Using a non-default username prevents most automated attacks.

Step 8: Prevent Future Lockouts

To minimize the risk of account lockouts and enhance security, follow these best practices for RDP access:

  1. Create a New Administrator Account with a Random Username:
  2. Avoid using the default "Administrator" account, as it's a common target for brute-force attacks.
  3. Open Computer Management (right-click Windows button > Run > compmgmt.msc).
  4. Go to Local Users and Groups > Users.
  5. Right-click in the empty space and select New User.
  6. Create a username with a random, non-obvious name (e.g., something like "SysMgrX47" or use a password generator for randomness).
  7. Set a strong password and check User cannot change password and Password never expires for security.

  8. Add the new user to the Administrators group.

  9. Disable the Default Administrator Account:

  10. In Computer Management > Local Users and Groups > Users, right-click the Administrator account.
  11. Select Properties and check Account is disabled.

  12. This prevents attackers from targeting the well-known default account.

  13. Disable Account Lockout Policies for the New Admin Account:

  14. To prevent lockouts on your primary admin account, configure group policy to exempt it from lockout policies.
  15. Press Windows + R, type gpedit.msc, and press Enter.
  16. Navigate to Computer Configuration > Windows Settings > Security Settings > Account Policies > Account Lockout Policy.
  17. Note the current settings, then create a new policy or use a script to exempt the new admin account from lockouts (advanced users only; consult Microsoft documentation for details).

  18. Alternatively, monitor and reset lockouts manually if needed, but for high-security setups, consider this exemption carefully.

  19. Additional Security Measures:

  20. Enable Network Level Authentication (NLA): In System Properties > Remote tab, ensure "Allow connections only from computers running Remote Desktop with Network Level Authentication" is selected.
  21. Use Strong Passwords: Always use complex passwords (at least 12 characters, mix of letters, numbers, symbols).
  22. Limit Access by IP: Configure Windows Firewall to allow RDP only from specific IP addresses (Advanced Settings > Inbound Rules > Remote Desktop).
  23. Enable Multi-Factor Authentication (MFA): If available through your portal or third-party tools, add MFA to RDP logins.
  24. Keep Windows Updated: Regularly apply security patches to prevent exploits.
  25. Use an RDP Gateway: For added security, route RDP through a gateway server instead of direct exposure.
  26. Store passwords securely in a password manager and avoid saving RDP credentials in clients.

By following these steps, you reduce the risk of lockouts and unauthorized access without exposing your system to unnecessary dangers.