Windows 11 will enable BitLocker drive encryption on every PC

BitLocker is Windows' data encryption tool, very safe, but if users lose the key, they will face the risk of losing data.

This new encryption process will affect Windows 11 Pro users. With Windows 11 Home BitLocker encryption is only applied when the encryption flag is enabled in UEFI and through the device manufacturer. So this likely won't affect self-installed PCs running Windows 11 Home.

Windows 11 will enable BitLocker drive encryption on every PC Picture 1

The BitLocker feature will be automatically enabled/re-enabled during OS reinstallation starting with version 24H2, provided that Windows 11 version has this functionality. Even fresh installation of Windows 11 24H2 and system upgrade to 24H2 version are applicable. Drive C and all other drives connected to the computer will also be encrypted during the reinstallation process.

BitLocker encryption is useful for devices containing important data to ensure information security, but is also a real concern for users who are unaware that drive encryption has been enabled during the installation process. operating system again. Users may lose complete access to drive contents due to encryption if any memory-related issues occur with a BitLocker-enabled computer.

Microsoft requires Windows 11/10 Pro users to actively turn on BitLocker and backup BitLocker encryption keys to ensure data safety. But users can still lose access to their data if they forget or lose their backups. In case, the user loses access to the Microsoft Account, it means losing access to the PC.

Windows 11 will enable BitLocker drive encryption on every PC Picture 2

Additionally, tests by TomsHardware last year showed that BitLocker encryption can reduce SSD performance by up to 45% depending on the workload. If you are using BitLocker software, all encryption and decryption tasks will be loaded onto the CPU, which may reduce system performance. Although modern CPUs feature AES encryption/decryption, there is still an impact on performance.

Luckily, users can still use Rufus, this tool has the ability to turn off Windows 11 24H2 drive encryption before installing Windows.

Windows 11 will enable BitLocker drive encryption on every PC Picture 3

Additionally, users can turn off BitLocker by interfering with the Registry during the Windows installation process:

1. Press the key combination Shift + F10 to open the Command Prompt window.
2. Type regedit and press Enter to launch Registry Editor.
3. Find HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlBitLocker.
4. Right-click in the empty area next to it and select New > Dword (32-bit) Value.
5. Name the value "PreventDeviceEncryption".
6. Set the value data to 1 and click the OK button (Confirm).
7. Close Registry Editor.

Samuel Daniel

Update 09 May 2024