Microsoft will soon encrypt your drives without asking during clean installations of the new version 24H2 of Windows 11, regardless of whether you're using the Home or Pro edition. This encryption won't be limited to the system drive; it will include all fixed drives. Users who reinstall Windows without caution may find themselves without decryption keys, leading to data loss.
According to Neowin, Microsoft began implementing default BitLocker encryption during Windows installation starting with Insider version Build 25905 in July 2023. In the documentation, it states:
"Starting with this build, we have adjusted the prerequisites (removal of Modern Standby/HSTI validation and untrusted DMA ports check) for enabling device encryption so that it is automatically enabled when doing clean installs of Windows 11."
This change is expected to be implemented in the next official release of Windows 11.
If you prefer not to use BitLocker, you can disable it during Windows installation. When prompted to select your country and region, press Shift + F10, then type "regedit" and press Enter. This will open the Registry Editor.
Navigate to Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\BitLocker and right-click on the BitLocker entry.
Choose New > Dword (32-bit) Value and name it PreventDeviceEncryption, then change its value data from 0 to 1.
Alternatively, you can use third-party software like Rufus to create a USB installation disk and select "Disable BitLocker automatic device encryption" to prevent it.
To check your drives' encryption, launch Command Prompt as Administrator and type manage-bde -status. Command Prompt will return the list of your drives, so check the "Conversion Status" field—it should say "Full Decrypted."
** Learn more about Azure Cloud
** Learn more about QNE Hybrid Cloud Software
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article