How to disable TLS 1.0 in Windows 10

Matthew Adams
by Matthew Adams
Windows & Software Expert
Download PDF
Affiliate Disclosure

TLS (Transport Layer Security) 1.0 is an antiquated cryptographic protocol that TLS 1.2 and the upcoming TLS 1.3 have now superseded. Only a small minority of websites continue to utilize TLS 1.0. Microsoft announced in 2018 that it will discontinue TLS 1.0 during 2020. In an MS blog post, Microsoft’s Senior PM Lead stated:

Two decades is a long time for a security technology to stand unmodified. While we aren’t aware of significant vulnerabilities with our up-to-date implementations of TLS 1.0 and TLS 1.1, vulnerable third-party implementations do exist. Moving to newer versions helps ensure a more secure Web for everyone.

So, TLS 1.0 isn’t much good anymore. Even though Microsoft will discontinue it, some users might prefer to disable TLS 1.0 sooner rather than later. This is how users can disable TLS 1.0 in Windows.

How can Users Disable TLS 1.0?

1. Uncheck the Use TLS 1.0 Option

  1. Users can disable TLS 1.0 via the Internet Properties window. To open that window, press the Windows key + S keyboard shortcut, which opens the search utility.
  2. Input ‘internet options’ in the search text box.
  3. Then users can click Internet Options to open the window in the shot directly below.The General tab windows 10 how to disable tls 1.0
  4. Click the Advanced tab.
  5. Scroll down to the Use TLS 1.0 option shown directly below.The Advanced tab windows 10 how to disable tls 1.0
  6. Deselect the Use TLS 1.0 setting.
  7. Press the Apply button.
  8. Click the OK option to exit the window.

2. Edit the Registry to Disable TLS 1.0

  1. Users can also edit the registry to disable TLS 1.0. To do so, launch the Run accessory with its Windows key + R keyboard shortcut.
  2. Input ‘regedit’ in Run, which will open the Registry Editor.
  3. Then open this registry key path in the Registry Editor:
    • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols
  4. If users can’t see TLS 1.0 and Client subkeys, they’ll need to create them. Right-click Protocols, select New > Key, and then enter ‘TLS 1.0’ as the key title.TLS 1.0 key windows 10 how to disable tls 1.0
  5. Next, right-click TLS 1.0, select the New & Key options, and then enter ‘Client’ as the title for the second subkey.
  6. Thereafter, select the Client key; and right-click an empty space on the right of the Registry Editor to select New > DWORD (32-bit) Value.
  7. Enter ‘Enabled’ as the new DWORD’s title.Enabled DWORD windows 10 how to disable tls 1.0
  8. The default value for the Enabled DWORD is 0, which disables TLS 1.0. Users can double-click Enabled to edit its value with 0 (TLS 1.0 off) or 1 (TLS 1.0 on).
  9. Thereafter, close the Registry Editor and restart Windows.

So, there are a couple of ways users can disable TLS 1.0 in Windows. Disabling TLS 1.0 will probably have very little impact on browsing as 94 percent of websites now support TLS 1.2.


Was this page helpful?
Thanks for letting us know! You can also help us by leaving a review on MyWOT or Trustpillot.
Get the most from your tech with our daily tips
Tell us why!