Use TLS 1.3 and TLS 1.2
Windows 10 Home has limited options for advanced network encryption settings, for example through gpedit.msc, so you are left with only Internet Options. If you upgrade to or buy Windows 10 Pro, you will have the option to look at this:
Use GPO Editor for TLS 1.3 and TLS 1.2 in Cipher Suite Order
Turn Off SSL 2.0, 3.0 and TLS 1.0/TLS 1.1 in your Internet Options and Browser
Use TLS 1.2 or higher, on servers as well. Deprecate the weaker protocols by using only TLS 1.2 (or higher), since exploitation of their vulnerabilities in the wild is rising sharply.
-> Firefox: set the minimum to TLS 1.2 and the fallback to TLS 1.2 (or to TLS 1.3 by using 4)
Your internet browsing relies on encryption protocols, and these become vulnerabilities themselves as they grow obsolete and are used more and more as attack vectors by criminals. POODLE is one example. Besides, SSL 3.0 should have been disabled in April 2015.
Disabling SSL 2.0 and SSL 3.0 is definitely a Good Thing. However, the subsequent revelation that TLS 1.0 is also vulnerable seems to have caught browser vendors on the back foot – TLS 1.0 is still enabled by default in all three major browsers as of this writing. In this article, we will show you how to protect yourself by forcing your browser to use only the safer TLS 1.2/TLS 1.3 protocols, now that TLS 1.1 is also running into vulnerability issues. Deprecating it is therefore advised; in other words, just disable TLS 1.0/TLS 1.1.
(Optionally, you can deactivate Internet Explorer from 'Programs and Features': click 'Turn Windows features on or off', remove the check mark next to Internet Explorer, accept the change and reboot. This ensures that this growing vulnerability on your computer is deactivated.)
Open the Start menu, type Internet Options and hit Enter.
Click the “Advanced” tab, scroll down and deselect "SSL 2.0", “SSL 3.0”, "TLS 1.0", “TLS 1.1”.
If you use the ordinary IE browser/Microsoft Edge, you can also set it not to save encrypted pages to disk and to empty temporary internet files.
Click “OK” to accept your changes, which should take effect immediately. (You may need to refresh your browser.)
(September 15th, 2019)
Windows 10 version 1903, currently the updated version, now supports experimental TLS 1.3.
Click the Windows logo and search for 'Internet Options',
then open the Advanced tab:
Activate only 'TLS 1.2' and 'TLS 1.3 experimental', deactivate all SSL (by now everything lower than 'SSL 3.0' has been deprecated) and deactivate everything lower than 'TLS 1.2' (that is, 'TLS 1.0' and 'TLS 1.1').
Or better yet, use only TLS 1.3 for best encryption.
Once the TLS minimum, maximum and fallback are set, you are ready to set up your TLS to use short-lived authentication by looking over this page:
'Delegated Credentials' Boosts TLS Protocol Security
Once short-lived TLS authentication is set, remember to look at DNS over HTTPS; this sets your browser to use TRR.
See the explanations above:
Firefox TLS 1.2 or TLS 1.3
To enable a minimum of TLS 1.2 in Firefox, start by typing in the address bar,
about:config
and hit Enter. In the Search field below, enter TLS
Find the TLS fallback limit by its name:
security.tls.version.fallback-limit
Make sure the default value, 4, is used to force a minimum fallback protocol of TLS 1.3 (4 is now the default, December 2019).
Find the TLS maximum by its name. Make sure the default value, 4, is used to force a maximum protocol of TLS 1.3 (4 is now the default, December 2019):
security.tls.version.max
Find the TLS minimum by its name. Set it to 3 to force a minimum protocol of TLS 1.2 (or use 4 for TLS 1.3). The default for now is 1; please change it to 3:
security.tls.version.min
- This configuration will now show the new value and will take effect immediately (don’t forget to clear your cache).
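A check for the three prefs set above, as an added example that is not part of the original article: it reads the content of a Firefox profile's prefs.js or user.js and reports any value that still permits a protocol below TLS 1.2. The function names and sample input are constructed for illustration; the defaults are the ones this page states, and the values 1 and 2 (TLS 1.0, TLS 1.1) follow Firefox's numbering.

```python
import re

# Numeric values Firefox uses for the security.tls.version.* prefs.
TLS_NAMES = {1: "TLS 1.0", 2: "TLS 1.1", 3: "TLS 1.2", 4: "TLS 1.3"}
# Defaults as stated on this page (December 2019); a pref that is absent
# from the file is still at its default.
DEFAULTS = {
    "security.tls.version.min": 1,
    "security.tls.version.max": 4,
    "security.tls.version.fallback-limit": 4,
}
PREF_RE = re.compile(r'^\s*user_pref\(\s*"([^"]+)"\s*,\s*(-?\d+)\s*\)\s*;')

def read_tls_prefs(text):
    """Return the effective TLS prefs from prefs.js / user.js content."""
    prefs = dict(DEFAULTS)
    for line in text.splitlines():
        m = PREF_RE.match(line)  # commented-out lines do not match
        if m and m.group(1) in DEFAULTS:
            prefs[m.group(1)] = int(m.group(2))  # last assignment wins
    return prefs

def audit(text, required_min=3):
    """List findings; an empty list means nothing below required_min is allowed."""
    p = read_tls_prefs(text)
    lo, hi = p["security.tls.version.min"], p["security.tls.version.max"]
    fb = p["security.tls.version.fallback-limit"]
    findings = []
    if lo < required_min:
        findings.append(f"min allows {TLS_NAMES.get(lo, lo)}; set it to 3 or 4")
    if hi < lo:
        findings.append("max is below min; the configured range is inconsistent")
    if fb < required_min:
        findings.append(f"fallback-limit allows {TLS_NAMES.get(fb, fb)}")
    return findings

# Constructed sample input, not taken from a real profile.
SAMPLE_WEAK = '''// user_pref("security.tls.version.min", 3);
user_pref("security.tls.version.min", 1);
user_pref("browser.startup.page", 3);
'''
SAMPLE_HARDENED = '''user_pref("security.tls.version.min", 3);
user_pref("security.tls.version.max", 4);
user_pref("security.tls.version.fallback-limit", 4);
'''

if __name__ == "__main__":
    for name, text in (("weak", SAMPLE_WEAK), ("hardened", SAMPLE_HARDENED)):
        print(name, audit(text) or "OK")
```

An empty file is reported as weak as well, because the minimum then stays at the default of 1.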
TLS vs. SSL
May 31, 2018
TLS is a standard closely related to SSL 3.0, and is sometimes referred to as "SSL 3.1". TLS supersedes SSL 2.0 and should be used in new development. Beginning with Windows 10, version 1607 and Windows Server 2016, SSL 2.0 has been removed and is no longer supported.
Applications that require a high level of interoperability should support SSL 3.0 and TLS. Because of the similarities between these two protocols, SSL details are not included in this documentation, except where they differ from TLS. The following is from RFC 2246.
"The differences between this protocol and SSL 3.0 are not dramatic, but they are significant enough that TLS 1.0 and SSL 3.0 do not interoperate (although TLS 1.0 does incorporate a mechanism by which a TLS implementation can back down to SSL 3.0)."
Chrome TLS 1.3
Google Chrome should already support TLS 1.2 as standard, or TLS 1.3 as experimental; choose the highest version if you want to use TLS 1.3.
(October 2, 2019)
Starting with Google Chrome 79, Chrome will give sites a "not secure" label if TLS 1.0 or TLS 1.1 is used. The main intention is to provide users and webmasters with information that they may act upon; webmasters need to enable TLS 1.2 or later on the server to address the issue.
Starting with Google Chrome 81, Chrome will prevent connections to sites that use TLS 1.0 or TLS 1.1. The browser displays a warning page instead that reads "Your connection is not fully secure. This site uses an outdated security configuration, which may expose your information".
1. In the address bar, type
chrome://flags
and hit enter.
2. Under
Minimum SSL/TLS version supported
change from
Default
to
TLS 1.3.
3. Disable WebGL and WebRTC if you find them on the list, as well as anything that relates to peering of playback media, audio and video.
4. Then press the
Relaunch Now
button at the bottom of the page.
Unlike IE and Firefox, Chrome can only be made to use TLS 1.2 (or TLS 1.3 if it has been updated to support it, in which case the advice is to use TLS 1.3) by a command-line switch, an argument added to the string that fires up the browser. You can find out whether your Chrome supports TLS 1.3 by typing chrome://flags in the address bar, pressing Ctrl+F and typing TLS. Look for the option where you can choose between TLS versions; if TLS 1.3 is listed, set it to use TLS 1.3.
This can be implemented by setting up a shortcut as we will show you below,
but note that ONLY starting Chrome from this shortcut will prevent use of insecure protocols.
You can right-click the browser shortcut and, in the Target/Destination field, add this:
--ssl-version-min=tls1.2
or, for TLS 1.3, you could use:
--ssl-version-min=tls1.3
Save the shortcut by pressing OK.
To create a secure shortcut:
1. Right-click on your desktop and select “New”, then “Shortcut”.
2. In the “Create Shortcut” panel, browse to the Chrome application and select it. The default location is (include the quotation marks):
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
3. Add the following command line switch --ssl-version-min=tls1.2 after the item location (i.e., after the ending quote) to appear thus:
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --ssl-version-min=tls1.2
(You can also use tls1.3, if it is available for better encryption protocol)
For the 64-bit version:
"C:\Program Files\Google\Chrome\Application\chrome.exe" --ssl-version-min=tls1.2
(You can also use tls1.3 if it is available for better encryption protocol)
Make sure to separate the switch from the location with a space.
4. Name the shortcut (we suggest a unique name such as Chrome-TLS 1.2 or 1.3, which will remind you that this shortcut is secure) and click “Finish”.
5. Again, the only way to be certain that your Chrome session is secure will be using your new shortcut.