top of page

Windows 11 24H2 will enable BitLocker encryption for everyone — but don't worry we have the solution!

You can still manually disable encryption if desired.

Microsoft has announced a new setup process for Windows 11 24H2 that will automatically activate BitLocker encryption during reinstallation, as reported by While BitLocker is already enabled by default in Windows 11 23H2, this new process will ensure that BitLocker is activated or reactivated during reinstallation for Windows 11 Pro users. Additionally, this change will impact Windows 11 Home users, but with a slight caveat.

For Windows 11 Home users, BitLocker encryption will only be applied if the device manufacturer enables the encryption flag in the UEFI. This means that DIY PCs running Windows 11 Home are unlikely to be affected. However, for any Windows 11 version that supports BitLocker functionality, the encryption will now automatically activate during reinstallation starting with 24H2. This applies to both clean installs of Windows 11 24H2 and system upgrades to version 24H2.

It's important to note that while BitLocker encryption is beneficial for securing valuable information on mission-critical devices, it can lead to data loss if users are unaware that encryption has been enabled during reinstallation. If any storage-related issues occur on a machine with BitLocker enabled, users may lose access to their drive contents due to encryption.

Microsoft recommends backing up the BitLocker encryption key to prevent such situations. However, if the backup is forgotten or lost, users could lose access to their data.

BitLocker encryption has also been shown to impact system performance, particularly on SSDs. Tests conducted last year revealed that SSD performance can drop by up to 45% depending on the workload when BitLocker encryption is enabled. Additionally, using the software form of BitLocker can load encryption and decryption tasks onto the CPU, potentially reducing system performance.

Disabling BitLocker encryption during reinstallation is possible. One method is to create a bootable ISO through Rufus USB, which can disable Windows 11 24H2's drive encryption. Another method is to disable automatic encryption from the installation wizard by changing the BitLocker "PreventDeviceEncryption" key to 1 in the Registry, which can be accessed through the command prompt (Shift + F10).

BitLocker has a list of hardware requirements, including a TPM 1.2 or newer chip and UEFI. Since Windows 11 checks for these changes during installation, escaping BitLocker is impossible. However, there are workarounds.

5 views0 comments


Related Products

bottom of page