Changing the default Remote Desktop Protocol (RDP) port on Windows is a critical step in enhancing the security of your system. By default, RDP listens on port 3389, which is widely known and targeted by malicious actors. Automated bots and hackers continuously scan networks for open default ports like this, looking for vulnerable systems to exploit. Altering the default port creates an additional layer of security, making it significantly harder for attackers to locate and target your RDP service.
Another reason to change the default RDP port is to reduce the noise in your system's logs caused by automated attacks. When your system uses the default port, it is highly likely to be flooded with unsuccessful login attempts or brute-force attacks. This not only puts your system at risk but also makes it more challenging to identify genuine threats among the clutter. Switching to a non-standard port helps keep your logs cleaner and easier to manage, allowing you to focus on legitimate security concerns.
Changing the port can also enhance the system's performance and network stability. Attack attempts on the default RDP port can consume resources, including bandwidth and server capacity, potentially slowing down your system or affecting the availability of services. By moving to a less obvious port, you minimize the likelihood of these unsolicited attempts, allowing your network to operate more efficiently and securely.
While changing the default RDP port is not a comprehensive security solution, it is an effective measure when combined with other best practices, such as enabling firewalls, using strong passwords, and deploying multi-factor authentication. This strategy, often referred to as "security through obscurity," makes your system less visible to attackers, buying you more time to detect and mitigate potential threats. In today's cybersecurity landscape, every additional layer of protection counts, and altering the RDP port is an easy yet impactful step toward safeguarding your Windows system.
Windows Registry Editor Version 5.00

;Created by LWS on 9/9/2024
;Default Port : 00000d3d @ 3389
;Change Port : 0000826d @ 33389
;Restart server after apply
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp]
"PortNumber"=dword:0000826d
The registry file above shows how to change the default RDP port. Notice that dword:0000826d is a hexadecimal value. Converted to decimal, it is 33389. So after applying the registry file above, you have changed the default RDP port from 3389 to 33389. You can use the converter below to do the conversion.
If you feel lazy and don't want to do any of this by hand, just download the registry file below and double-click it to run it. My registry file below changes the port to 33389, but if you want a different value, edit the registry file and run it again.
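The same change can be scripted so that the port is validated and the firewall is opened for it before the restart, which avoids locking yourself out of a remote server. This is an added example, not the author's registry file; it assumes an elevated PowerShell session, and the firewall rule display names are made up for illustration.

```powershell
# Added example: set the RDP port from the registry file above, with safety checks.
# Run from an elevated PowerShell session on the machine being changed.
$NewPort = 33389   # the page's example value; change as needed
$RdpKey  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'

# Reject values outside the valid port range.
if ($NewPort -lt 1 -or $NewPort -gt 65535) {
    throw "Port $NewPort is outside 1-65535."
}

# Refuse a port that another service is already listening on.
$inUse = Get-NetTCPConnection -State Listen -LocalPort $NewPort -ErrorAction SilentlyContinue |
    Select-Object -First 1
if ($inUse) {
    throw "Port $NewPort is already in use by process ID $($inUse.OwningProcess)."
}

# Show the current value and the dword a .reg file would carry for the new one.
$current = (Get-ItemProperty -Path $RdpKey -Name PortNumber).PortNumber
'Current port: {0}   New port: {1} (dword:{1:x8})' -f $current, $NewPort

# Write the new port: same key and value name as the registry file.
Set-ItemProperty -Path $RdpKey -Name PortNumber -Value $NewPort -Type DWord

# Allow the new port inbound before restarting, otherwise a remote session
# cannot reconnect. Rule names are hypothetical, chosen for this example.
foreach ($proto in 'TCP', 'UDP') {
    New-NetFirewallRule -DisplayName "RDP custom port ($proto-In)" `
        -Direction Inbound -Action Allow -Protocol $proto -LocalPort $NewPort | Out-Null
}

# Read the value back to confirm the write took effect.
$readBack = (Get-ItemProperty -Path $RdpKey -Name PortNumber).PortNumber
if ($readBack -ne $NewPort) {
    throw "PortNumber is $readBack, expected $NewPort."
}
"PortNumber is now $readBack. Restart the server to apply."
```

After the restart, clients connect by appending the port to the host name, for example `server:33389`.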