Disabling RC4

RC4 is a stream cipher used for bulk encryption. It is now considered practically vulnerable and has been officially deprecated by the Internet Engineering Task Force (IETF).

  1. Open Registry Editor:

    Win + R > regedit

  2. Navigate to:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\Schannel\Ciphers

  3. Right-click on “Ciphers” > New > Key

    Name the key “RC4 40/128”

  4. Right-click on “RC4 40/128” > New > DWORD (32-bit) Value

    Name the value “Enabled”

  5. Double-click the newly created “Enabled” value, make sure that the “Value data:” field contains zero (0), then click “OK”

  6. Create two more keys named “RC4 56/128” and “RC4 128/128” under the “Ciphers” key. Repeat steps 4 and 5 for each of them.
  7. After step 6 is completed, there should be three RC4 keys in total under “Ciphers”. Each RC4 key should contain a DWORD value named “Enabled” with value data zero (0).

  8. You may need to restart Windows Server to apply the changes.
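
The same change as steps 2 to 7, scripted for an elevated PowerShell session, with a read-back of the result described in step 7. This is an added example, not part of the original article; the variable names are illustrative, and it goes through the .NET registry API because the key names contain a “/”.

```powershell
#Requires -RunAsAdministrator
# Added example: scripted form of steps 2-7 plus the check from step 7.

# Path from step 2, relative to HKEY_LOCAL_MACHINE, and the key names from steps 3 and 6.
$ciphersPath = 'SYSTEM\CurrentControlSet\Control\SecurityProviders\Schannel\Ciphers'
$rc4Keys     = 'RC4 40/128', 'RC4 56/128', 'RC4 128/128'

# The names contain "/". The PowerShell registry provider (New-Item on HKLM:\...)
# treats "/" as a path separator and would create "RC4 40" with a subkey "128",
# so the .NET registry API, which takes the name literally, is used instead.
$ciphers = [Microsoft.Win32.Registry]::LocalMachine.CreateSubKey($ciphersPath)
try {
    foreach ($name in $rc4Keys) {
        # CreateSubKey creates the key or opens an existing one for writing.
        $key = $ciphers.CreateSubKey($name)
        try {
            # Steps 4-5: DWORD (32-bit) value "Enabled" with value data 0.
            $key.SetValue('Enabled', 0, [Microsoft.Win32.RegistryValueKind]::DWord)
        } finally { $key.Close() }
    }

    # Step 7: read everything back and report one row per key.
    $report = foreach ($name in $rc4Keys) {
        $key = $ciphers.OpenSubKey($name)
        try {
            $value = if ($key) { $key.GetValue('Enabled', $null) }
            $kind  = if ($null -ne $value) { $key.GetValueKind('Enabled') }
            [pscustomobject]@{
                Key     = $name
                Enabled = $value
                Kind    = $kind
                Ok      = ($kind -eq 'DWord' -and $value -eq 0)
            }
        } finally { if ($key) { $key.Close() } }
    }
    $report | Format-Table -AutoSize

    # Leftovers from an earlier New-Item attempt look like "RC4 40" (no "/128").
    $stray = $ciphers.GetSubKeyNames() | Where-Object { $_ -match '^RC4 \d+$' }
    if ($stray) { Write-Warning "Unexpected keys, check for a '/' split: $($stray -join ', ')" }
    if ($report.Ok -contains $false) { throw 'RC4 keys are not configured as described.' }
} finally { $ciphers.Close() }
```

The script can be re-run safely: existing keys are opened rather than recreated, and the “Enabled” value is overwritten with 0.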
