- Consolidate secret key improvement scripts into a single category.
- Simplify script names to improve user understanding.
- Expand and refine documentation, adding cautionary notes for clarity
and helping users make informed decisions (addresses issues #57, #131,
#175, #183).
- Adjust recommendation levels for scripts to 'Standard' to reflect
their adoption in modern Windows and align with security standards:
- Set Diffie-Hellman key exchange minimum to 2048 bits, matching
modern Windows defaults
- Align RSA key size with Microsoft's upcoming deprecation of 1024-bit
keys.
- Improve the revert process by suppressing false error messages using
`2>nul` in `reg delete` commands.
- Introduce a unified approach to adjust key sizes in key exchange
algorithms with `RequireMinimumKeySize` function.
- Modify the Diffie-Hellman key exchange to a 2048-bit minimum instead
of 4096 bits to balance security with broader software compatibility.
This attempts to reduce side-effects on third-party software as
reported in #57, #131, #183).
- Replace hexadecimal values with decimal equivalents in registry edits
to facilitate better maintainability and readability.
undergroundwires
49f22f048f