Determining Which Ciphers Are Being Used

To view the ciphers used when a user last connected, type Manage users in the search box at the top of each page and click on the matching result. Edit the desired user and click on the Other connections tab. At the bottom of the screen it will show the ciphers used when they last connected.

You can use the Command Line App (CLI) to generate a CSV report of your users that are connecting with insecure ciphers.


You will need the latest version of both the CLI and Powershell to run the script that generates the report on Windows.

Run the following from Powershell:

files-cli users list --fields username,last_login_at,last_protocol_cipher --format csv | Select-String -CaseSensitive -Pattern "TLSv1;|TLSv1.1;|nistp521|nistp384|nistp256|exchange-sha1|group1|arcfour|-cbc|hmac-md5|sha1-96" > users.csv

macOS / Linux

Run the following from a terminal:

files-cli users list --fields username,last_login_at,last_protocol_cipher --format csv | grep "TLSv1;\|TLSv1.1;\|nistp521\|nistp384\|nistp256\|exchange-sha1\|group1\|arcfour\|-cbc\|hmac-md5\|sha1-96" > users.csv

The generated users.csv file will list the usernames of users connecting with insecure ciphers, including the ciphers they used and when they last logged in.

Get Instant Access to

The button below will take you to our Free Trial signup page. Click on the white "Start My Free Trial" button, then fill out the short form on the next page. Your account will be activated instantly. You can dive in and start yourself or let us help. The choice is yours.

Start My Free Trial

©2023 All right reserved


  • Start My Free Trial
  • Pricing
  • Docs
  • API and SDKs
  • Contact


(800) 286-8372


9am–8pm Eastern