Security Handbook

Restrict access

In general, it is only possible to make a connection to a device

if the TeamViewer ID and the associated password are known or
if the access is confirmed via Easy Access or
the connection partner confirmed the access manually.

If none of the above points is given, accessing a device is impossible.

Depending on where you want to restrict access - locally or on the remote device - please make sure to make the setting on your TeamViewer of the remote device (locally or during a remote session)

⚠Important: Do not share your ID and password with a person you do not know or trust.

You can also restrict access to your computer in different ways. Depending on how you want to restrict access and to what extent, choose one of the following options:

Restrict access via block and allowlist

You can restrict access to specific devices or persons via the block and allowlist.

The blocklist allows you to deny incoming connections for specific TeamViewer IDs or accounts.
The allowlist enables you to define specific TeamViewer IDs or accounts that are exclusively allowed for connections.

💡Hint: Everyone not being on the allowlist is automatically denied to connect.

Find a detailed description of how to set the block and allowlist and more information here:

📄 Block and allowlist

Restrict Access Control for incoming connections

You can restrict access control for incoming connections via the Settings (⚙) ➜ Options ➜ Advanced ➜ Advanced Settings for connections to this computer ➜ Access Control.

Choose between Full access, Confirm all, View and Show, Custom Settings, or deny any incoming remote control connection.

Restrict Access Control for outgoing connections

You can restrict access control for outgoing connections via Settings (⚙) ➜ Options ➜ Advanced ➜ Advanced Settings for connections to other computers ➜ Access Control

Choose between Full access, Confirm all, View and Show, Custom Settings, or deny any outgoing remote control connection.

Deny connections from outside your network

Another option is to deny connections from outside your network. With this, you are only allowing incoming LAN connections.

Conditional Access and preapproved access

With Conditional Access, you can enforce Remote Access rights to prevent unauthorized activities and align with security policies.

Control TeamViewer usage and access rights throughout your organization using a rules engine you configure within TeamViewer. This conditional access provides an additional layer of security for your corporate network.

TeamViewer customers with a TeamViewer Enterprise/Tensor license and Conditional Access AddOn can use the Conditional Access feature. Read more here:

📄 Conditional Access

You can also use preapproved access to allow designated users to request and gain access to your device environments for a specified time frame without the need for real-time authorization. Read more here:

📄 Preapproved access

Completely prevent any access

To completely prevent any access, exit TeamViewer in the taskbar.

Any incoming or outgoing connections are no longer possible.