HKLM\System\CurrentControlSet\Control\Lsa\FIPSAlgorithmPolicy\Enabled set to 0

Started by certforumz, May 22, 2024, 12:34:45 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions

certforumz

May 22, 2024, 12:34:45 AM
https://learn.microsoft.com/en-us/answers/questions/818458/fips-140-2-support

Modifying the registry can be risky if done incorrectly, so it's important to proceed with caution. Here's how to set the Enabled value under HKLM\System\CurrentControlSet\Control\Lsa\FIPSAlgorithmPolicy to 0:

Using Registry Editor:

Press the Windows key + R to open the Run dialog.

Type regedit and press Enter or click "OK".

Navigate to the following key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\FIPSAlgorithmPolicy
Set the Enabled value to 0:

Click on the "FIPSAlgorithmPolicy" key.
In the right pane, find the value named "Enabled".
Double-click on "Enabled".
In the "Edit DWORD Value" window, change the "Value data" to "0" (zero).
Click "OK" to save the changes.
Restart your computer for the changes to take effect.

Important Considerations:

Understanding FIPS: FIPS stands for Federal Information Processing Standards. Setting Enabled to 0 disables FIPS-compliant algorithms, which are cryptographic algorithms approved by the US government. This can potentially weaken your system's security. Only proceed if you understand the implications and have a legitimate reason to disable FIPS.
Compatibility Issues: Disabling FIPS might cause compatibility issues with certain software or systems that rely on FIPS-compliant algorithms. Make sure you're aware of these potential issues before proceeding.
Alternative Method: You can also achieve the same result using Group Policy Editor (gpedit.msc) if your edition of Windows supports it. However, this method is generally not recommended for home users.
If you're unsure about modifying the registry or the potential consequences, it's best to consult with a qualified IT professional.

Print
Go Up Pages1
User actions