Correct time on your Windows computer is crucial for accurate file timestamps, time-based authentication, scheduled tasks and events, and time synchronization. Most of the security protocols rely on the correct time stamp, network security protocols use the keys only for a certain time, and timekeeping over long periods of time is critical for tracking the lifetime and expiry of security Keys. Windows has several ways to sync time and keep it accurate, Maintaining the correct time is very important, computers should maintain the correct time even in a power-off state. The computer’s internal clock will run even in the Power off state with the help of the CMOS battery, if there is an issue with the CMOS battery or any hardware then the time will reset to its default state. Computers automatically connect to the time server and correct its time with the help of NTP(Network Time Protocol). Recently Microsoft Introduced one more feature named Secure Time Seeding (STS), to obtain the correct time from a server over a SSL protocol. As per Microsoft “SSL protocol allows a client to securely participate in a handshake with a server and perform time-related validation towards the end of the handshake (e.g.: certificate validity using the local system clock). Essentially a client can trust the certificates installed locally to perform the SSL handshake, but it may not trust the server enough to establish the connection because its local system time indicates the server’s certificate chain is invalid. The SSL handshake contains encrypted/signed time metadata from the server that can be used by the client to determine the current time.” In this article, we’ll see how to enable or disable Secure Time Seeding in Windows 11.
Enable or Disable Secure Time Seeding in Windows 11:
By default Secure Time Seeding is enabled in Windows System, to disable Secure Time Seeding follow the below-mentioned steps.
Open Run command by pressing Windows + R and type regedit and hit enter, This command will open the Registry Editor console.
Now navigate to the following registry path.
Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Config
From the left-hand side click on the Config registry key and from the right-hand side look for the DWORD named UtilizeSslTimeData.
Double-click on UtilizeSslTimeData and modify the value from 1 to 0, and click on OK.
Close the Registry editor and restart the system once, This will disable the Secure Time Seeding.
To Enable STS:
Open Run command by pressing Windows + R and type regedit and hit enter, This command will open the Registry Editor console.
Now navigate to the following registry path.
Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Config
From the left-hand side click on the Config registry key and from the right-hand side look for the DWORD named UtilizeSslTimeData.
Double-click on UtilizeSslTimeData and modify the value from 0 to 1, and click on OK.
Close the Registry editor and restart the system once, This will Enable the Secure Time Seeding.
