Avatar for Username

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

This thread was archived. Please ask a new question if you need help.

How do I prioritize 256 bit encryption over the 128 bit variant?

Rollingthunder
Rollingthunder

Hello folks,

been using the fox for ages now. Thanks for the fine product :) .

Up to now I also never had a problem I couldn't find a solution for, but strangely enough, that one gets me, since I seem to be unable to find an option allowing me to deactivate the 128 bit variant of encryption.

The bank whose homepage it concerns already told me that they are offering it, and there was this nice add on that allowed me to deavtivate the rc4 protocol, but I just don't get from AES 128 to AES 256 wich I just like a banking site to have...

Any solution would be much appreciated, thanks in advance.

Hello folks, been using the fox for ages now. Thanks for the fine product :) . Up to now I also never had a problem I couldn't find a solution for, but strangely enough, that one gets me, since I seem to be unable to find an option allowing me to deactivate the 128 bit variant of encryption. The bank whose homepage it concerns already told me that they are offering it, and there was this nice add on that allowed me to deavtivate the rc4 protocol, but I just don't get from AES 128 to AES 256 wich I just like a banking site to have... Any solution would be much appreciated, thanks in advance.

Chosen solution

You can set all 128 bit SSL3 prefs to false on the about:config page to force using stronger ciphers. 

Filter: ssl3*128

To open the about:config page, type about:config in the location (address) bar and press the "Enter" key, just like you type the url of a website to open a website.
If you see a warning then you can confirm that you want to access that page.

  • Use the Filter bar at to top of the about:config page to locate a preference more easily.
  • Preferences that have been modified show as bold (user set).
  • Preferences can be reset to the default via the right-click context menu if they are user set
  • Preferences can be changed via the right-click context menu: Modify (String or Integer) or Toggle (Boolean)

Some websites with old software may require to temporarily set security.ssl3.rsa_rc4_128_md5 to true if you get a cipher overlap error.

Read this answer in context 👍 2

All Replies (2)

cor-el
cor-el
  • Moderator

Chosen Solution

You can set all 128 bit SSL3 prefs to false on the about:config page to force using stronger ciphers. 

Filter: ssl3*128

To open the about:config page, type about:config in the location (address) bar and press the "Enter" key, just like you type the url of a website to open a website.
If you see a warning then you can confirm that you want to access that page.

  • Use the Filter bar at to top of the about:config page to locate a preference more easily.
  • Preferences that have been modified show as bold (user set).
  • Preferences can be reset to the default via the right-click context menu if they are user set
  • Preferences can be changed via the right-click context menu: Modify (String or Integer) or Toggle (Boolean)

Some websites with old software may require to temporarily set security.ssl3.rsa_rc4_128_md5 to true if you get a cipher overlap error.

Rollingthunder
Rollingthunder Question owner

Thank you very much cor-el :)

Now even the stasi of our modern lives secures it's connection to me via 256 bit, but only after setting security.enable_tls_session_ticktes and services.sync.prefs.sync.security.enable_tls to false also, an effect - which at least in my test - wasn't achieved by only unchecking the protocol box of TSL 1.o under settings>encryption.

Just saying that, cause I don't know if it is a bug or not.

Thanks again!

Modified by Rollingthunder