BitLocker, which is Microsoft's encryption software for SSDs, has had its fair share of issues over the years since its release. And now there's another potential issue looming over Windows 11 users with the upcoming 24H2 build update.
There's a new report that Windows 11 version 24H2, also called the 2024 update, “may enable BitLocker by default during installation” on several versions of Windows, including the Home edition, according to a German media outlet. desktop modifier (reported by neowin). Why is this considered bad news? For several reasons.
What is the problem?
The first is that using BitLocker for encryption can seriously slow down your PC's performance by up to 45% on Windows Pro and would likely affect other versions of the operating system similarly. This occurs because Windows 11 constantly requests encryption and decryption processes with data on your SSD while your computer performs read and write operations.
The second problem is that a user who is not familiar with encryption in general or with this specific problem with BitLocker could unknowingly encrypt their data and then be unable to decrypt and recover it because they misplaced or did not save the necessary key.
There is also a third problem with BitLocker in terms of security, according to YouTuber Stacksmashingyour encryption can be cracks noticeably easily. Their video demonstrates that if you are using a Windows 10 or Windows 11 Pro device with a dedicated external Trusted Platform Module (TPM), your encrypted data can be decrypted and read. You just need a $10 Raspberry Pi Pico, physical access to the target endpoint, and the knowledge of how to do it.
How to fix it
Of course, there is a simple way to solve this automatic encryption. You just need to turn off device encryption within Privacy & Security in Settings. Fortunately, users have that option, but many casual Windows 11 users, especially those with Windows 11 Home, may not be aware of the situation, let alone how to fix it.
Hopefully, if this report is true, Microsoft will disable automatic encryption before the update is released. It is not necessary and causes more problems than it actually solves.
