Registry key controlling Restricted Admin mode for RDP. Disabling this (setting to 1) exposes administrative credentials in memory during RDP sessions.