TLS (Transport Layer Security) 1.0 is an antiquated cryptographic protocol that TLS 1.2 and the upcoming TLS 1.3 have now superseded. Only a small minority of websites continue to utilize TLS 1.0. Microsoft announced in 2018 that it will discontinue TLS 1.0 during 2020. In an MS blog post, Microsoft’s Senior PM Lead stated:
Two decades is a long time for a security technology to stand unmodified. While we aren’t aware of significant vulnerabilities with our up-to-date implementations of TLS 1.0 and TLS 1.1, vulnerable third-party implementations do exist. Moving to newer versions helps ensure a more secure Web for everyone.
So, TLS 1.0 isn’t much good anymore. Even though Microsoft will discontinue it, some users might prefer to disable TLS 1.0 sooner rather than later. This is how users can disable TLS 1.0 in Windows.
How can Users Disable TLS 1.0?
1. Uncheck the Use TLS 1.0 Option
- Users can disable TLS 1.0 via the Internet Properties window. To open that window, press the Windows key + S keyboard shortcut, which opens the search utility.
- Input ‘internet options’ in the search text box.
- Then users can click Internet Options to open the window in the shot directly below.
- Click the Advanced tab.
- Scroll down to the Use TLS 1.0 option shown directly below.
- Deselect the Use TLS 1.0 setting.
- Press the Apply button.
- Click the OK option to exit the window.
2. Edit the Registry to Disable TLS 1.0
- Users can also edit the registry to disable TLS 1.0. To do so, launch the Run accessory with its Windows key + R keyboard shortcut.
- Input ‘regedit’ in Run, which will open the Registry Editor.
- Then open this registry key path in the Registry Editor:
- If users can’t see TLS 1.0 and Client subkeys, they’ll need to create them. Right-click Protocols, select New > Key, and then enter ‘TLS 1.0’ as the key title.
- Next, right-click TLS 1.0, select the New & Key options, and then enter ‘Client’ as the title for the second subkey.
- Thereafter, select the Client key; and right-click an empty space on the right of the Registry Editor to select New > DWORD (32-bit) Value.
- Enter ‘Enabled’ as the new DWORD’s title.
- The default value for the Enabled DWORD is 0, which disables TLS 1.0. Users can double-click Enabled to edit its value with 0 (TLS 1.0 off) or 1 (TLS 1.0 on).
- Thereafter, close the Registry Editor and restart Windows.
So, there are a couple of ways users can disable TLS 1.0 in Windows. Disabling TLS 1.0 will probably have very little impact on browsing as 94 percent of websites now support TLS 1.2.
RELATED ARTICLES TO CHECK OUT: