Disabling RC4

RC4 is a stream cipher used for bulk encryption. It is now considered practically vulnerable and has been officially deprecated by the Internet Engineering Task Force (IETF).

  1. Open registry editor:

    Win + R >> regedit

  2. Navigate to:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\Schannel\Ciphers

  3. Right-click on Ciphers >> New >> Key

    Name the key 'RC4 40/128'

  4. Right-click on RC4 40/128 >> New >> DWORD (32-bit) Value

    Name the value 'Enabled'

  5. Double-click the newly created Enabled value, make sure the Value data field contains zero (0), then click OK

  6. Create two more keys named 'RC4 56/128' and 'RC4 128/128' under the Ciphers key. Repeat steps 4 and 5 for each of them.
  7. After step 6 is completed, you should have three RC4 keys in total under Ciphers. Each RC4 key should contain a DWORD value named 'Enabled' with value data of zero (0).

  8. You may need to restart Windows Server to apply the changes.
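
Steps 2 through 7 can also be scripted and then verified. The PowerShell below is an added example, not part of the original article; it assumes an elevated session and uses the .NET registry API because the key names contain '/', which the PowerShell registry provider treats as a path separator.

```powershell
#Requires -RunAsAdministrator
# Added example: scripted equivalent of steps 2-7, followed by a verification pass.
$ErrorActionPreference = 'Stop'

$ciphersPath = 'SYSTEM\CurrentControlSet\Control\SecurityProviders\Schannel\Ciphers'
$rc4Keys     = 'RC4 40/128', 'RC4 56/128', 'RC4 128/128'

# New-Item 'HKLM:\...\RC4 40/128' would split the name at '/' and create nested keys.
# RegistryKey.CreateSubKey takes the name literally (only '\' separates path parts).
$ciphers = [Microsoft.Win32.Registry]::LocalMachine.CreateSubKey($ciphersPath)
try {
    # Steps 3-6: create each RC4 key and set Enabled (DWORD) = 0.
    foreach ($name in $rc4Keys) {
        $key = $ciphers.CreateSubKey($name)   # opens the key if it already exists
        try {
            $key.SetValue('Enabled', 0, [Microsoft.Win32.RegistryValueKind]::DWord)
        } finally {
            $key.Close()
        }
    }

    # Step 7: read every key back and confirm name, type and data.
    $report = foreach ($name in $rc4Keys) {
        $key = $ciphers.OpenSubKey($name)
        try {
            $value = $key.GetValue('Enabled', $null)
            $kind  = if ($null -ne $value) { $key.GetValueKind('Enabled') } else { $null }
            [pscustomobject]@{
                Key       = $name
                Enabled   = $value
                Kind      = $kind
                Compliant = ($kind -eq 'DWord' -and $value -eq 0)
            }
        } finally {
            $key.Close()
        }
    }

    $report | Format-Table -AutoSize
    if ($report.Compliant -contains $false) {
        throw 'At least one RC4 key is missing Enabled = 0 (DWORD).'
    }
} finally {
    $ciphers.Close()
}
```

The script is safe to re-run: existing keys are opened rather than recreated, and the final table shows the state that step 7 describes.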

Updated: 9/23/2019
