This is the NOT the recommended standard.
There are serious security implications if not configured properly!
3 DES is now officially retired!

Last Updated Tues, 27 Aug 2019 12:00:01 -0400


The Triple Data Encryption Algorithm, called 3DES for short, is an encryption algorithm that evolved from previous flavors of the same algorithm (Data Encryption Standard, or DES, which was first published in 1975). Although under certain configurations 3DES can be acceptable, it is being phased out slowly as there are new vulnerabilities that make the protocol significantly weaker. Where possible, newer standards such as AES should be used; there are no reasons to stick to 3DES apart from backward compatibility or legacy support.

Getting Started:

Are you a developer? Get started with crucial implementation details above.
Are you an IT administrator? Get started with best practice setup details above.
Are you a Manager? Get started with best practice setup details above.

More Useful Information:

For more details check the FAQ for this algorithm.


  • Meet in the Middle Attack :This particular attack can occur with specific settings in which DES could operate (keying option 1).
  • Sweet 32 This is a major attack that renders 3DES weak and compromises the security entirely. But like mentioned before, there are ways to mitigate and still use 3DES. OpenSSL does not include 3DES per default since version 1.1.0 (August 2016), and considers it a "weak cipher". Cisco's advisory on Sweet32:"