How to Disable TLS 1.0 in Windows 11/10 - Windows Basics


Thursday, March 17, 2022

How to Disable TLS 1.0 in Windows 11/10

TLS (Transport Layer Security) 1.0 is an archaic cryptographic protocol that has now been replaced by TLS 1.2 and the upcoming TLS 1.3. Only a handful of sites continue to use TLS 1.0. Microsoft announced in 2018 that they would be discontinuing TLS 1.0 in 2020. In an MS blog post, Microsoft Senior PM Team Leader stated:

Two decades is a long time for a security technology that has not changed. Although we are not aware of critical vulnerabilities with our updated TLS 1.0 and TLS 1.1 implementations, vulnerable third-party implementations still exist. Switching to newer versions helps ensure a safer Web for everyone.

So TLS 1.0 is no longer good. Although Microsoft will discontinue production, some users may want to disable TLS 1.0 sooner rather than later. This is how users can disable TLS 1.0 in Windows.

A. Uncheck the Option Use TLS 1.0

1. We can disable TLS 1.0 through the Internet Properties window. To open that window, press the Windows Keys+ S keyboard shortcut to open the search utility. Type internet options in the search text box.

2. Then click Internet Options to open the window in the shot directly below.

3. Click the Advanced tab.

4. Scroll down to the Use TLS 1.0 option shown directly below.

5. Uncheck the Use TLS 1.0 setting.

6. Press the Apply button. Click the OK option to exit the window.


B. Edit the registry to disable TLS 1.0

1. We can also edit the registry to disable TLS 1.0. To do so, launch the Run accessory using the Windows + R keyboard shortcut. Type regedit in Run, this will open the Registry Editor.

2. Then open this registry key path in the Registry Editor:


2. If you can't see TLS 1.0 and the Client subkeys, they'll need to generate them. Right-click Protocol, select New > Key, then enter TLS 1.0 as the key header.

3. Next, right-click on TLS 1.0, select the New > Keys option, then enter Client as the title for the second subkey.

4. Right-click on Client, select New > DWORD (32-bit) Value, and name it Enabled. Now, since the default value of Enabled is 0, TLS 1.0 will be Disabled. However, if you want to Enable the protocol, just change the Value data to 1.

This way, you have disabled TLS 1.0  on your computer. 

Hopefully, you can disable TLS 1.0 with the help of these two methods.

No comments:

Post a Comment