Disable insecure ciphers
Overview
This category contains privacy scripts for Windows.
These changes use Windows system commands to update your settings.
This category improves network security by disabling outdated and less secure cipher suites.
Cipher suites are sets of cryptographic algorithms used to secure network connections 1. They include ciphers, known as bulk encryption algorithms 1 or simply bulk ciphers 2. Ciphers encrypt messages exchanged between clients and servers 1. Using outdated cipher suites exposes data to risks of interception and tampering during transmission 2.
Disabling insecure ciphers meets security standards set by NIST 3, CIS 4, IRS 5, OWASP 6 and Germany's Federal Office for Information Security (BSI) 7. This enhances data confidentiality and integrity 4. It also protects against threats such as attackers exploiting cryptographic weaknesses, malicious insiders, state actors, and cybercriminals 8.
This may cause compatibility issues with older devices or software.
Be careful running these scripts. This category includes scripts with high impact:
- 🟡 Some recommended scripts only if you understand its implications. Some non-critical or features may no longer function correctly after running this this category.
- 🟢 Some safely recommended scripts. Safe-to use for any user.
Implementation Details
-
Language: batch
-
Scripts Count: 5 scripts
-
Required Privileges: Administrator rights
-
Compatibility: Windows only
-
Reversibility: All changes can be reverted
Apply now
These scripts are written using Batch (batchfile) scripting language.
Choose one of two ways to apply:
- Automatically via privacy.sexy: The easiest and safest option.
- Manually by downloading: Requires downloading a file.
Alternative 1. Apply with Privacy.sexy
privacy.sexy is free and open-source application that lets securely apply this action easily.
It allows selectively choose parts of this action to conduct. You can fully restore this action (revert back to the original behavior) using the application. Additionally, you can apply only the recommended scripts, instead of applying all of the scripts.
privacy.sexy instructions
- Open or download the desktop application
- Search for the category name:
Disable insecure ciphers
. - Check the category by clicking on the checkbox of the category.
- Click on Run button at the bottom of the page.
Alternative 2. Download
You can choose to apply only scripts with less impact or also those with higher impact:
Consider restarting your computer for all changes to take affect.
This action is completely reversible, you can restore your changes to the initial/default state. The restore/revert methods provided here can help you fix issues.
If something goes wrong, use the Revert script provided above.
Standard
This script includes only Standard recommendation level.
Standard scripts in this category is recommended for all users. They help to improve privacy without affecting stability.
Download only standard scripts by clicking on the button:
Restore these changes if you decide to revert them by downloading the restore script:
Strict
This script includes Standard and Strict recommendation levels.
This script is only recommended if you understand their implications of every single change. Some non-critical or features may no longer function correctly after running this script.
Download Strict scripts:
Restore these changes if you decide to revert them by downloading the restore script:
Explore further
This category includes total of 5 scripts but no subcategories.
Explore its 5 scripts:
Disable insecure "RC2" ciphers
This script disables RC2 ciphers. This script only affects the SSL/TLS handshake process. The SSL/TLS handshake is a key part of establishing a secure connection over the internet. By disabling this weak algorithm, the script improves the security of the connection. Authorities like Microsoft, NIST (FIPS), CIS, Federal Office for Information Security (BSI), OWASP, and NSA (National Security Agency) classify this algorithm as weak and recommend against its use. By disabling RC2, the script en...
Disable insecure "RC4" ciphers
This script disables the RC4 ciphers. This script only affects the SSL/TLS handshake process. The SSL/TLS handshake is a key part of establishing a secure connection over the internet. By disabling this weak algorithm, the script improves the security of the connection. Authorities like Microsoft, NIST (FIPS), CIS, Federal Office for Information Security (BSI), OWASP, and NSA (National Security Agency) classify this algorithm as weak and recommend against its use. This script disables these ...
Disable insecure "DES" cipher
This script disables the "DES 56/56" cipher, also known as DES 56 or 56-bit DES. This script only affects the SSL/TLS handshake process. The SSL/TLS handshake is a key part of establishing a secure connection over the internet. By disabling this weak algorithm, the script improves the security of the connection. Authorities like Microsoft, NIST (FIPS), CIS, Federal Office for Information Security (BSI), OWASP, and NSA (National Security Agency) consider this cipher weak and either discou...
Disable insecure "Triple DES" cipher
This script disables the "Triple DES 168" ("Triple DES 168/168" before Windows Vista) cipher, also known as 3DES, The Triple Data Encryption Algorithm (TDEA) and TDES. This script only affects the SSL/TLS handshake process. The SSL/TLS handshake is a key part of establishing a secure connection over the internet. By disabling this weak algorithm, the script improves the security of the connection. Authorities like Apple, NIST Federal Office for Information Security (BSI), NSA (Nation...
Disable insecure "NULL" cipher
This script disables the "NULL" cipher. This script only affects the SSL/TLS handshake process. The SSL/TLS handshake is a key part of establishing a secure connection over the internet. By disabling this weak algorithm, the script improves the security of the connection. This algorithm provides no encryption, leaving data completely unprotected. Authorities like Microsoft, NIST (FIPS), CIS, and Federal Office for Information Security (BSI), NSA (National Security Agency) classify this algor...
Explore Categories
- Disable insecure connections
- Improve network security
- Security improvements
This action belongs to Disable insecure connections category. This category includes scripts designed to enhance users' security and privacy by disabling outdated or vulnerable connections across the system. It safeguards data against interception, unauthorized access, and attacks that exploit outdated technology vulnerabilities, including... Read more on category page ▶
This action belongs to Improve network security category. This category is dedicated to improving network security. It aims to minimize vulnerabilities by offering various settings that improve the integrity and confidentiality of data transmitted over the network. It features a range of measures to protect data transmission from unauthorized access,... Read more on category page ▶
This action belongs to Security improvements category. This category encompasses a range of scripts designed to improve the security of your system by enforcing security best practices. These scripts help protect your system against various types of cyber threats and unauthorized access. Read more on category page ▶
Support
This website relies on your support.
Your donation helps keep the project alive and improves its content ❤️.
Share this page: