Windows drops support for 1024-bit TLS to secure web apps and browsing

Microsoft has announced its plans to discontinue support for RSA keys shorter than 2048 bits for Transport Layer Security authentication. This move is aimed at enabling future versions of Windows to block outdated and potentially harmful websites and applications.

Current security standards and best practices suggest the use of at least a 2048-bit RSA or 256-bit ECDSA cryptographic key. In comparison to 1024-bit keys, which offer 80-bit security, 2048-bit keys provide 112-bit security.

The modifications do not impact TLS certificates issued by enterprise or test certificate authorities (CAs), though it is advisable to update those as well.

In 2023, Microsoft ceased supporting TLS 1.0 and TLS 1.1 protocols for  actual Windows versions. Furthermore, starting with the Windows 11 Insider Preview builds in September 2023, TLS versions 1.0 and 1.1 are disabled by default.

Source

Support us

Winaero greatly relies on your support. You can help the site keep bringing you interesting and useful content and software by using these options:

If you like this article, please share it using the buttons below. It won't take a lot from you, but it will help us grow. Thanks for your support!

Author: Sergey Tkachenko

Sergey Tkachenko is a software developer who started Winaero back in 2011. On this blog, Sergey is writing about everything connected to Microsoft, Windows and popular software. Follow him on Telegram, Twitter, and YouTube.

Leave a Reply

Your email address will not be published.

Exit mobile version
Using Telegram? Subscribe to the blog channel!
Hello. Add your message here.