Microsoft is enabling BitLocker device encryption by default on Windows 11

Share via:


Microsoft is making BitLocker device encryption a default feature in its next major update to Windows 11. If you clean install the 24H2 version that’s rolling out in the coming months, device encryption will be enabled by default when you first sign in or set up a device with a Microsoft account or work / school account.

Device encryption is designed to improve the security of Windows machines by automatically enabling BitLocker encryption on the Windows install drive and backing up the recovery key to a Microsoft account or Entra ID.

In Windows 11 version 24H2, Microsoft is reducing the hardware requirements for automatic device encryption, opening it up to many more devices — including ones running the Home version of Windows 11. Device encryption no longer requires Hardware Security Test Interface (HSTI) or Modern Standby, and encryption will also be enabled even if untrusted direct memory access (DMA) buses / interfaces are detected.

The latest Windows 11 version 24H2 update comes preinstalled on Microsoft’s range of Copilot Plus PCs and is expected to be available on existing machines in late September. That means if you clean install Windows 11 later this year or buy a new PC with 24H2 installed, BitLocker device encryption will be enabled by default. If you just upgrade to 24H2, Microsoft won’t enable device encryption automatically.

The feature could impact SSD performance on some devices. Tom’s Hardware tested this software version of BitLocker last year and found it could slow drives by up to 45 percent. We’ve asked Microsoft repeatedly since early May to comment on BitLocker device encryption being enabled by default, but the company has only confirmed its plans through support documents where there is no mention of any potential performance impacts.

You’ll need a Microsoft account to enable device encryption.
Screenshot by Tom Warren / The Verge

You can avoid automatic device encryption if you’re using a local account on a clean Windows 11 version 24H2 install. When you first set up a new machine and log in with a local account, you’ll be prompted to sign in with a Microsoft account to finish encrypting the device. BitLocker can still be manually enabled using the BitLocker Control Panel on local accounts, though. You can also disable device encryption through a toggle in the privacy and security section of Windows 11’s settings interface.



Source link

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Popular

More Like this

Microsoft is enabling BitLocker device encryption by default on Windows 11


Microsoft is making BitLocker device encryption a default feature in its next major update to Windows 11. If you clean install the 24H2 version that’s rolling out in the coming months, device encryption will be enabled by default when you first sign in or set up a device with a Microsoft account or work / school account.

Device encryption is designed to improve the security of Windows machines by automatically enabling BitLocker encryption on the Windows install drive and backing up the recovery key to a Microsoft account or Entra ID.

In Windows 11 version 24H2, Microsoft is reducing the hardware requirements for automatic device encryption, opening it up to many more devices — including ones running the Home version of Windows 11. Device encryption no longer requires Hardware Security Test Interface (HSTI) or Modern Standby, and encryption will also be enabled even if untrusted direct memory access (DMA) buses / interfaces are detected.

The latest Windows 11 version 24H2 update comes preinstalled on Microsoft’s range of Copilot Plus PCs and is expected to be available on existing machines in late September. That means if you clean install Windows 11 later this year or buy a new PC with 24H2 installed, BitLocker device encryption will be enabled by default. If you just upgrade to 24H2, Microsoft won’t enable device encryption automatically.

The feature could impact SSD performance on some devices. Tom’s Hardware tested this software version of BitLocker last year and found it could slow drives by up to 45 percent. We’ve asked Microsoft repeatedly since early May to comment on BitLocker device encryption being enabled by default, but the company has only confirmed its plans through support documents where there is no mention of any potential performance impacts.

You’ll need a Microsoft account to enable device encryption.
Screenshot by Tom Warren / The Verge

You can avoid automatic device encryption if you’re using a local account on a clean Windows 11 version 24H2 install. When you first set up a new machine and log in with a local account, you’ll be prompted to sign in with a Microsoft account to finish encrypting the device. BitLocker can still be manually enabled using the BitLocker Control Panel on local accounts, though. You can also disable device encryption through a toggle in the privacy and security section of Windows 11’s settings interface.



Source link

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Website Upgradation is going on for any glitch kindly connect at office@startupnews.fyi

More like this

Wipro: Wipro promotes insider Omkar Nisal to head Europe...

Wipro on Monday promoted yet another insider Omkar...

how to watch a baby

Parenthood is...

Japan’s Cross Capital partners with Gobi for SEA startups

The joint effort aims to promote cross-border innovation...

Popular

Upcoming Events

Startup Information that matters. Get in your inbox Daily!