Encryption algorithm Triple DES[295][296][297] is a block cipher[78][79][80][81] which is still recognized as secure, but deprecated. It has multiple vulnerabilities[298][299][300][301] (eg: sweet32 attack[22][23][24][25], meet-in-the-middle attack[62], brute-force attack[54]) and it is considered as weak and disallowed by National Institute of Standards and Technology[470][471] after 2023.
Remove the cipher suite from the list of cipher suites supported by your server.
Get a prompt and clear overview of your security configuration. Right now!
You can fix your security setting with the following config snippets in various services. You simply copy-paste (or delete) them to get a better secirity and grade. Do not forget to re-check your modified settings above.
If you want to reveal your security weaknesses and monitor your services or supply chain sign up for our beta test.
OLD_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA OLD_TLS_RSA_FIPS_WITH_3DES_EDE_CBC_SHA TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA TLS_DH_anon_WITH_3DES_EDE_CBC_SHA TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA TLS_KRB5_WITH_3DES_EDE_CBC_MD5 TLS_KRB5_WITH_3DES_EDE_CBC_SHA TLS_PSK_WITH_3DES_EDE_CBC_SHA TLS_RSA_FIPS_WITH_3DES_EDE_CBC_SHA TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA TLS_RSA_WITH_3DES_EDE_CBC_MD5 TLS_RSA_WITH_3DES_EDE_CBC_SHA TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA
