Skip to main content

Disable insecure ciphers

Overview

About this category

This category contains privacy scripts for Windows.

These changes use Windows system commands to update your settings.

This category improves network security by disabling outdated and less secure cipher suites.

Cipher suites are sets of cryptographic algorithms used to secure network connections 1. They include ciphers, known as bulk encryption algorithms 1 or simply bulk ciphers 2. Ciphers encrypt messages exchanged between clients and servers 1. Using outdated cipher suites exposes data to risks of interception and tampering during transmission 2.

Disabling insecure ciphers meets security standards set by NIST 3, CIS 4, IRS 5, OWASP 6 and Germany's Federal Office for Information Security (BSI) 7. This enhances data confidentiality and integrity 4. It also protects against threats such as attackers exploiting cryptographic weaknesses, malicious insiders, state actors, and cybercriminals 8.

Caution

This may cause compatibility issues with older devices or software.

Caution: Mixed Risk Levels

Be careful running these scripts. This category includes scripts with high impact:

  • 🟡 Some recommended scripts only if you understand its implications. Some non-critical or features may no longer function correctly after running this this category.
  • 🟢 Some safely recommended scripts. Safe-to use for any user.
Implementation Details
  • Language: batch

  • Scripts Count: 5 scripts

  • Required Privileges: Administrator rights

  • Compatibility: Windows only

  • Reversibility: All changes can be reverted

Apply now

These scripts are written using Batch (batchfile) scripting language.

Choose one of two ways to apply:

  1. Automatically via privacy.sexy: The easiest and safest option.
  2. Manually by downloading: Requires downloading a file.

Alternative 1. Apply with Privacy.sexy

privacy.sexy is free and open-source application that lets securely apply this action easily.

Open privacy.sexy

It allows selectively choose parts of this action to conduct. You can fully restore this action (revert back to the original behavior) using the application. Additionally, you can apply only the recommended scripts, instead of applying all of the scripts.

privacy.sexy instructions
  1. Open or download the desktop application
  2. Search for the category name: Disable insecure ciphers.
  3. Check the category by clicking on the checkbox of the category.
  4. Click on Run button at the bottom of the page.

Alternative 2. Download

You can choose to apply only scripts with less impact or also those with higher impact:

Standard

Recommended for all users. It helps to improve privacy without affecting stability.

Scroll

Strict

Recommended if you understand its implications. It may cause some non-critical features to no longer function correctly.

Scroll

Consider restarting your computer for all changes to take affect.

Reversible

This action is completely reversible, you can restore your changes to the initial/default state. The restore/revert methods provided here can help you fix issues.

If something goes wrong, use the Revert script provided above.

Standard

This script includes only Standard recommendation level.

Safe for General Use

Standard scripts in this category is recommended for all users. They help to improve privacy without affecting stability.

Download only standard scripts by clicking on the button:

Download script

Restore these changes if you decide to revert them by downloading the restore script:

Download restore script

Strict

This script includes Standard and Strict recommendation levels.

Use with Caution

This script is only recommended if you understand their implications of every single change. Some non-critical or features may no longer function correctly after running this script.

Download Strict scripts:

Download script

Restore these changes if you decide to revert them by downloading the restore script:

Download restore script

Explore further

This category includes total of 5 scripts but no subcategories.

Explore its 5 scripts:

Disable insecure "RC2" ciphers

This script disables RC2 ciphers. This script only affects the SSL/TLS handshake process. The SSL/TLS handshake is a key part of establishing a secure connection over the internet. By disabling this weak algorithm, the script improves the security of the connection. Authorities like Microsoft, NIST (FIPS), CIS, Federal Office for Information Security (BSI), OWASP, and NSA (National Security Agency) classify this algorithm as weak and recommend against its use. By disabling RC2, the script en...

Disable insecure "RC4" ciphers

This script disables the RC4 ciphers. This script only affects the SSL/TLS handshake process. The SSL/TLS handshake is a key part of establishing a secure connection over the internet. By disabling this weak algorithm, the script improves the security of the connection. Authorities like Microsoft, NIST (FIPS), CIS, Federal Office for Information Security (BSI), OWASP, and NSA (National Security Agency) classify this algorithm as weak and recommend against its use. This script disables these ...

Disable insecure "DES" cipher

This script disables the "DES 56/56" cipher, also known as DES 56 or 56-bit DES. This script only affects the SSL/TLS handshake process. The SSL/TLS handshake is a key part of establishing a secure connection over the internet. By disabling this weak algorithm, the script improves the security of the connection. Authorities like Microsoft, NIST (FIPS), CIS, Federal Office for Information Security (BSI), OWASP, and NSA (National Security Agency) consider this cipher weak and either discou...

Disable insecure "Triple DES" cipher

This script disables the "Triple DES 168" ("Triple DES 168/168" before Windows Vista) cipher, also known as 3DES, The Triple Data Encryption Algorithm (TDEA) and TDES. This script only affects the SSL/TLS handshake process. The SSL/TLS handshake is a key part of establishing a secure connection over the internet. By disabling this weak algorithm, the script improves the security of the connection. Authorities like Apple, NIST Federal Office for Information Security (BSI), NSA (Nation...

Disable insecure "NULL" cipher

This script disables the "NULL" cipher. This script only affects the SSL/TLS handshake process. The SSL/TLS handshake is a key part of establishing a secure connection over the internet. By disabling this weak algorithm, the script improves the security of the connection. This algorithm provides no encryption, leaving data completely unprotected. Authorities like Microsoft, NIST (FIPS), CIS, and Federal Office for Information Security (BSI), NSA (National Security Agency) classify this algor...

Explore Categories

This action belongs to Disable insecure connections category. This category includes scripts designed to enhance users' security and privacy by disabling outdated or vulnerable connections across the system. It safeguards data against interception, unauthorized access, and attacks that exploit outdated technology vulnerabilities, including... Read more on category page ▶

Support

This website relies on your support.

Support now

Your donation helps keep the project alive and improves its content ❤️.

Share this page: