Solved Device Encryption Windows 11 Home 24H2.


M

Mitch

Well-known member
Member
Local time
12:55 PM
Posts
370
Location
Scotland
OS
Windows 11 Home
Hello. Would be grateful if Insiders on 24H2 could clarify the position about Bitlocker/Encryption being auto enabled. We have 2 pc's running W11 Home 23h2. Both are setup with a MS Administrator account plus a Local Standard User account which we use. Device encryption is turned off in the MS Admin account and does not show in the Local account. After a clean install, encryption was turned on automatically but I turned it off and a Recovery Key was shown in MS Account. It's reported that in 24H2, Bitlocker (and I assume Device Encryption ) will be activated on a clean install or repair install? Will this apply to W11 Home and if so would it also apply to Local non MS Accounts and where would the Recovery Key be located? Thanks.
 
Windows Build/Version
Windows 11 23h2.

My Computer

System One

  • OS
    Windows 11 Home
Hello Mitch, :alien:

Device encryption is available and automatically turned on by default on devices (ex: tablet or 2-in1) that support Modern Standby and running any Windows 11 edition.

If device encryption is turned off, it will no longer automatically enable itself in the future. You must enable it manually (if wanted) in Settings.

www.elevenforum.com

Turn On or Off Device Encryption in Windows 11

This tutorial will show you how to turn on or off device encryption on a Windows 11 PC. Device encryption is a Windows feature that enables BitLocker encryption automatically for the Operating System drive and fixed drives. It’s particularly beneficial for everyday users who want to ensure...
www.elevenforum.com www.elevenforum.com

If Device Encryption is turned on with a local account, you would need to manually back up the BitLocker Recovery Key since it doesn't have a Microsoft account to auto backup to.
 

My Computers

System One System Two

  • OS
    Windows 11 Pro for Workstations
    Computer type
    PC/Desktop
    Manufacturer/Model
    Custom self build
    CPU
    Intel i7-8700K 5 GHz
    Motherboard
    ASUS ROG Maximus XI Formula Z390
    Memory
    64 GB (4x16GB) G.SKILL TridentZ RGB DDR4 3600 MHz (F4-3600C18D-32GTZR)
    Graphics Card(s)
    ASUS ROG-STRIX-GTX1080TI-O11G-GAMING (11GB GDDR5X)
    Sound Card
    Integrated Digital Audio (S/PDIF)
    Monitor(s) Displays
    2 x Samsung Odyssey G75 27"
    Screen Resolution
    2560x1440
    Hard Drives
    1TB Samsung 990 PRO M.2,
    4TB Samsung 990 PRO M.2,
    TerraMaster F8 SSD Plus NAS
    PSU
    Seasonic Prime Titanium 850W
    Case
    Thermaltake Core P3 wall mounted
    Cooling
    Corsair Hydro H115i
    Keyboard
    Logitech wireless K800
    Mouse
    Logitech MX Master 3
    Internet Speed
    1 Gbps Download and 35 Mbps Upload
    Browser
    Chrome and Edge
    Antivirus
    Microsoft Defender
    Other Info
    Logitech Z625 speaker system,
    Logitech BRIO 4K Pro webcam,
    HP Color LaserJet Pro MFP M477fdn,
    CyberPower CP1500PFCLCD
    Galaxy S23 Plus phone
  • Operating System
    Windows 11 Pro
    Computer type
    Laptop
    Manufacturer/Model
    Surface Laptop 7 Copilot+ PC
    CPU
    Snapdragon X Elite (12 core) 3.42 GHz
    Memory
    16 GB LPDDR5x-7467 MHz
    Monitor(s) Displays
    15" HDR
    Screen Resolution
    2496 x 1664
    Hard Drives
    1 TB SSD
    Internet Speed
    Wi-Fi 7 and Bluetooth 5.4
    Browser
    Chrome and Edge
    Antivirus
    Microsoft Defender
Thanks Shawn. In the Local Accounts on our 2 pc's we are not signed on as Administrators, which is why I assume Device Encryption doesn't show. Device Encryption only shows on the MS Admin accounts and the Recovery Key is backed up to the account. Is it likely in 24H2 that the need to be signed in as administrator for device encryption (which we don't need or want) on Local Accounts would change? Our Local Accounts don't have Admin privileges and we wouldn't change that. If we did, for some reason, decide to turn on encryption for our Local Accounts, where would the key be located if it's not backed up to a MS account? Thanks a lot. Mitch.
 

My Computer

System One

  • OS
    Windows 11 Home
Correct. You must be signed into an administrator account (local or Microsoft) to see the Device Encryption setting.

The BitLocker recovery key is not backed up for a local account unless you manually do so and select where.

www.elevenforum.com

Backup BitLocker Recovery Key in Windows 11

This tutorial will show you how to back up the BitLocker recovery key for a drive in Windows 10 and Windows 11. BitLocker Drive Encryption is a data protection feature that integrates with the operating system and addresses the threats of data theft or exposure from lost, stolen, or...
www.elevenforum.com www.elevenforum.com
 

My Computers

System One System Two

  • OS
    Windows 11 Pro for Workstations
    Computer type
    PC/Desktop
    Manufacturer/Model
    Custom self build
    CPU
    Intel i7-8700K 5 GHz
    Motherboard
    ASUS ROG Maximus XI Formula Z390
    Memory
    64 GB (4x16GB) G.SKILL TridentZ RGB DDR4 3600 MHz (F4-3600C18D-32GTZR)
    Graphics Card(s)
    ASUS ROG-STRIX-GTX1080TI-O11G-GAMING (11GB GDDR5X)
    Sound Card
    Integrated Digital Audio (S/PDIF)
    Monitor(s) Displays
    2 x Samsung Odyssey G75 27"
    Screen Resolution
    2560x1440
    Hard Drives
    1TB Samsung 990 PRO M.2,
    4TB Samsung 990 PRO M.2,
    TerraMaster F8 SSD Plus NAS
    PSU
    Seasonic Prime Titanium 850W
    Case
    Thermaltake Core P3 wall mounted
    Cooling
    Corsair Hydro H115i
    Keyboard
    Logitech wireless K800
    Mouse
    Logitech MX Master 3
    Internet Speed
    1 Gbps Download and 35 Mbps Upload
    Browser
    Chrome and Edge
    Antivirus
    Microsoft Defender
    Other Info
    Logitech Z625 speaker system,
    Logitech BRIO 4K Pro webcam,
    HP Color LaserJet Pro MFP M477fdn,
    CyberPower CP1500PFCLCD
    Galaxy S23 Plus phone
  • Operating System
    Windows 11 Pro
    Computer type
    Laptop
    Manufacturer/Model
    Surface Laptop 7 Copilot+ PC
    CPU
    Snapdragon X Elite (12 core) 3.42 GHz
    Memory
    16 GB LPDDR5x-7467 MHz
    Monitor(s) Displays
    15" HDR
    Screen Resolution
    2496 x 1664
    Hard Drives
    1 TB SSD
    Internet Speed
    Wi-Fi 7 and Bluetooth 5.4
    Browser
    Chrome and Edge
    Antivirus
    Microsoft Defender
You're most welcome. :shawn:
 

My Computers

System One System Two

  • OS
    Windows 11 Pro for Workstations
    Computer type
    PC/Desktop
    Manufacturer/Model
    Custom self build
    CPU
    Intel i7-8700K 5 GHz
    Motherboard
    ASUS ROG Maximus XI Formula Z390
    Memory
    64 GB (4x16GB) G.SKILL TridentZ RGB DDR4 3600 MHz (F4-3600C18D-32GTZR)
    Graphics Card(s)
    ASUS ROG-STRIX-GTX1080TI-O11G-GAMING (11GB GDDR5X)
    Sound Card
    Integrated Digital Audio (S/PDIF)
    Monitor(s) Displays
    2 x Samsung Odyssey G75 27"
    Screen Resolution
    2560x1440
    Hard Drives
    1TB Samsung 990 PRO M.2,
    4TB Samsung 990 PRO M.2,
    TerraMaster F8 SSD Plus NAS
    PSU
    Seasonic Prime Titanium 850W
    Case
    Thermaltake Core P3 wall mounted
    Cooling
    Corsair Hydro H115i
    Keyboard
    Logitech wireless K800
    Mouse
    Logitech MX Master 3
    Internet Speed
    1 Gbps Download and 35 Mbps Upload
    Browser
    Chrome and Edge
    Antivirus
    Microsoft Defender
    Other Info
    Logitech Z625 speaker system,
    Logitech BRIO 4K Pro webcam,
    HP Color LaserJet Pro MFP M477fdn,
    CyberPower CP1500PFCLCD
    Galaxy S23 Plus phone
  • Operating System
    Windows 11 Pro
    Computer type
    Laptop
    Manufacturer/Model
    Surface Laptop 7 Copilot+ PC
    CPU
    Snapdragon X Elite (12 core) 3.42 GHz
    Memory
    16 GB LPDDR5x-7467 MHz
    Monitor(s) Displays
    15" HDR
    Screen Resolution
    2496 x 1664
    Hard Drives
    1 TB SSD
    Internet Speed
    Wi-Fi 7 and Bluetooth 5.4
    Browser
    Chrome and Edge
    Antivirus
    Microsoft Defender
Brink said:
If Device Encryption is turned on with a local account, you would need to manually back up the BitLocker Recovery Key since it doesn't have a Microsoft account to auto backup to.
Click to expand...
I think this would be 24H2's most egregious flaw (if they don't change it before GA), is there isn't a post-install task prompting non-MSA users to backup the key offline. I get they're trying to market MSA's ability to silently backup recovery keys. but still...
 

My Computer

System One

  • OS
    Windows 7
Brink said:
You're most welcome. :shawn:
Click to expand...
Actually things may be more complicated when 24H2 is released as MS are relaxing need for modern standby to enable device encryption.

I believe this has already rather quietly "slipped" in to Insider versions but I have yet to test it. I would have to disable modern standby on my laptop to test if I can enable device encryption without modern standby (or use another laptop).
 

My Computer

System One

  • OS
    Windows 11 Pro + Win11 Canary VM.
    Computer type
    Laptop
    Manufacturer/Model
    ASUS Zenbook 14
    CPU
    I9 13th gen i9-13900H 2.60 GHZ
    Motherboard
    Yep, Laptop has one.
    Memory
    16 GB soldered
    Graphics Card(s)
    Integrated Intel Iris XE
    Sound Card
    Realtek built in
    Monitor(s) Displays
    laptop OLED screen
    Screen Resolution
    2880x1800 touchscreen
    Hard Drives
    1 TB NVME SSD (only weakness is only one slot)
    PSU
    Internal + 65W thunderbolt USB4 charger
    Case
    Yep, got one
    Cooling
    Stella Artois (UK pint cans - 568 ml) - extra cost.
    Keyboard
    Built in UK keybd
    Mouse
    Bluetooth , wireless dongled, wired
    Internet Speed
    900 mbs (ethernet), wifi 6 typical 350-450 mb/s both up and down
    Browser
    Edge
    Antivirus
    Defender
    Other Info
    TPM 2.0, 2xUSB4 thunderbolt, 1xUsb3 (usb a), 1xUsb-c, hdmi out, 3.5 mm audio out/in combo, ASUS backlit trackpad (inc. switchable number pad)

    Macrium Reflect Home V8
    Office 365 Family (6 users each 1TB onedrive space)
    Hyper-V (a vm runs almost as fast as my older laptop)
cereberus said:
Actually things may be more complicated when 24H2 is released as MS are relaxing need for modern standby to enable device encryption.

I believe this has already rather quietly "slipped" in to Insider versions but I have yet to test it. I would have to disable modern standby on my laptop to test if I can enable device encryption without modern standby (or use another laptop).
Click to expand...
Microsoft has indeed.

Starting with Windows 11 build 25905, Microsoft have adjusted the prerequisites (removal of Modern Standby/HSTI validation and untrusted DMA ports check) for enabling device encryption so that it is automatically enabled when doing clean installs of Windows 11.
 

My Computers

System One System Two

  • OS
    Windows 11 Pro for Workstations
    Computer type
    PC/Desktop
    Manufacturer/Model
    Custom self build
    CPU
    Intel i7-8700K 5 GHz
    Motherboard
    ASUS ROG Maximus XI Formula Z390
    Memory
    64 GB (4x16GB) G.SKILL TridentZ RGB DDR4 3600 MHz (F4-3600C18D-32GTZR)
    Graphics Card(s)
    ASUS ROG-STRIX-GTX1080TI-O11G-GAMING (11GB GDDR5X)
    Sound Card
    Integrated Digital Audio (S/PDIF)
    Monitor(s) Displays
    2 x Samsung Odyssey G75 27"
    Screen Resolution
    2560x1440
    Hard Drives
    1TB Samsung 990 PRO M.2,
    4TB Samsung 990 PRO M.2,
    TerraMaster F8 SSD Plus NAS
    PSU
    Seasonic Prime Titanium 850W
    Case
    Thermaltake Core P3 wall mounted
    Cooling
    Corsair Hydro H115i
    Keyboard
    Logitech wireless K800
    Mouse
    Logitech MX Master 3
    Internet Speed
    1 Gbps Download and 35 Mbps Upload
    Browser
    Chrome and Edge
    Antivirus
    Microsoft Defender
    Other Info
    Logitech Z625 speaker system,
    Logitech BRIO 4K Pro webcam,
    HP Color LaserJet Pro MFP M477fdn,
    CyberPower CP1500PFCLCD
    Galaxy S23 Plus phone
  • Operating System
    Windows 11 Pro
    Computer type
    Laptop
    Manufacturer/Model
    Surface Laptop 7 Copilot+ PC
    CPU
    Snapdragon X Elite (12 core) 3.42 GHz
    Memory
    16 GB LPDDR5x-7467 MHz
    Monitor(s) Displays
    15" HDR
    Screen Resolution
    2496 x 1664
    Hard Drives
    1 TB SSD
    Internet Speed
    Wi-Fi 7 and Bluetooth 5.4
    Browser
    Chrome and Edge
    Antivirus
    Microsoft Defender
Morning. Sorry to raise this one again but just to clarify, does auto-enablement of Bitlocker/Device Encryption for W11 home in 24h2 apply to repair installs, either using MCT/ISO or the Windows Update recovery feature in Settings, as well as clean installs. The point of repair installs is that "your Settings will be preserved" but......This has the potential to cause real problems especially if using a Local Account and no prompt to back the key up. Mitch.
 

My Computer

System One

  • OS
    Windows 11 Home
Mitch said:
Morning. Sorry to raise this one again but just to clarify, does auto-enablement of Bitlocker/Device Encryption for W11 home in 24h2 apply to repair installs, either using MCT/ISO or the Windows Update recovery feature in Settings, as well as clean installs. The point of repair installs is that "your Settings will be preserved" but......This has the potential to cause real problems especially if using a Local Account and no prompt to back the key up. Mitch.
Click to expand...
The key is automatically backed up to the TPM I understand.
 

My Computer

System One

  • OS
    Windows 11 Pro + Win11 Canary VM.
    Computer type
    Laptop
    Manufacturer/Model
    ASUS Zenbook 14
    CPU
    I9 13th gen i9-13900H 2.60 GHZ
    Motherboard
    Yep, Laptop has one.
    Memory
    16 GB soldered
    Graphics Card(s)
    Integrated Intel Iris XE
    Sound Card
    Realtek built in
    Monitor(s) Displays
    laptop OLED screen
    Screen Resolution
    2880x1800 touchscreen
    Hard Drives
    1 TB NVME SSD (only weakness is only one slot)
    PSU
    Internal + 65W thunderbolt USB4 charger
    Case
    Yep, got one
    Cooling
    Stella Artois (UK pint cans - 568 ml) - extra cost.
    Keyboard
    Built in UK keybd
    Mouse
    Bluetooth , wireless dongled, wired
    Internet Speed
    900 mbs (ethernet), wifi 6 typical 350-450 mb/s both up and down
    Browser
    Edge
    Antivirus
    Defender
    Other Info
    TPM 2.0, 2xUSB4 thunderbolt, 1xUsb3 (usb a), 1xUsb-c, hdmi out, 3.5 mm audio out/in combo, ASUS backlit trackpad (inc. switchable number pad)

    Macrium Reflect Home V8
    Office 365 Family (6 users each 1TB onedrive space)
    Hyper-V (a vm runs almost as fast as my older laptop)
Mitch said:
This has the potential to cause real problems especially if using a Local Account and no prompt to back the key up. Mitch.
Click to expand...
garlin said:
I think this would be 24H2's most egregious flaw (if they don't change it before GA), is there isn't a post-install task prompting non-MSA users to backup the key offline.
Click to expand...
Automatic device encryption is not activated for a local account. The system disk may be encrypted but no key will be required as protection is suspended until an administrator signs in with a Microsoft Account, which then saves the recovery key automatically:

! Note

BitLocker automatic device encryption starts during Out-of-box (OOBE) experience. However, protection is enabled (armed) only after users sign in with a Microsoft Account or an Azure Active Directory account. Until that, protection is suspended and data is not protected. BitLocker automatic device encryption is not enabled with local accounts, in which case BitLocker can be manually enabled using the BitLocker Control Panel.

BitLocker automatic device encryption
Click to expand...
  • If the device isn't Microsoft Entra joined or Active Directory domain joined, a Microsoft account with administrative privileges on the device is required. When the administrator uses a Microsoft account to sign in, the clear key is removed, a recovery key is uploaded to the online Microsoft account, and a TPM protector is created. Should a device require the recovery key, the user is guided to use an alternate device and navigate to a recovery key access URL to retrieve the recovery key by using their Microsoft account credentials
  • If a device uses only local accounts, then it remains unprotected even though the data is encrypted
Device encryption
Click to expand...
 

My Computer

System One

  • OS
    Windows 11
    Computer type
    Laptop
Thanks for the information. We have both an MS and a Local non admin account on our PC. We use the MS account for updates etc and the Local account for everything else. Device Encryption for our 2 W11 Home 23h2 is off in our MS Account and doesn't show in the Local account. The last Recovery Key showing in our MS account was when I did I clean install of W11 in December, Encryption was auto enabled and when installed I turned off Dev Encryption. We have no need to turn on Encryption ourselves and it would only happen in the event of a clean install or if forced on us in 24h2 - not sure if a repair install in 24h2 would turn Encryption on automatically? Hope not. Thanks again.
 

My Computer

System One

  • OS
    Windows 11 Home
good thread.
QUESTION
I have new computer windows 11 home. I WANT BITLOCKER., I have 4 other machines, all upgraded to windows 11 pro. specifically for bitlocker.
for the NEW COMPUTER, will I AUTOMATICALLy GET Bitlocker with next release update of 24H2?
and if so, will i have ability to ENABLE the BITLOCKER PRE-BooT PIN ENTRY (so i'm entering my bitlocker code on the blue Boot-Up screen?
or do i still need windows 11 pro to get that feature?
any clarification is appreciated
 

My Computer

System One

  • OS
    windows 11
TechnologyInThe said:
good thread.
QUESTION
I have new computer windows 11 home. I WANT BITLOCKER., I have 4 other machines, all upgraded to windows 11 pro. specifically for bitlocker.
for the NEW COMPUTER, will I AUTOMATICALLy GET Bitlocker with next release update of 24H2?
and if so, will i have ability to ENABLE the BITLOCKER PRE-BooT PIN ENTRY (so i'm entering my bitlocker code on the blue Boot-Up screen?
or do i still need windows 11 pro to get that feature?
any clarification is appreciated
Click to expand...
Hello, and welcome. :alien:

Since this is the Home edition, you'll have "Device Encryption" instead of the full BitLocker.

You would need to use step 2 in option 2 of the tutorial below to enable BitLocker to Unlock OS drive at Startup with PIN and USB.

www.elevenforum.com

Enable or Disable BitLocker to Unlock OS drive at Startup with PIN and USB in Windows 11

This tutorial will show you how to enable or disable BitLocker to unlock the operating system drive at startup with a PIN or USB flash drive in Windows 10 and Windows 11. BitLocker Drive Encryption is a data protection feature that integrates with the operating system and addresses the threats...
www.elevenforum.com www.elevenforum.com

You will then be able to use option 2 in the tutorial below to change how to unlock your OS drive encrypted by Device Encryption with a PIN.

www.elevenforum.com

Change how BitLocker Unlocks OS Drive at Startup in Windows 11

This tutorial will show you how to choose how to unlock your operating system drive at startup with a PIN, USB flash drive, or automatically with TPM in Windows 11. BitLocker Drive Encryption is a data protection feature that integrates with the operating system and addresses the threats of...
www.elevenforum.com www.elevenforum.com
 

My Computers

System One System Two

  • OS
    Windows 11 Pro for Workstations
    Computer type
    PC/Desktop
    Manufacturer/Model
    Custom self build
    CPU
    Intel i7-8700K 5 GHz
    Motherboard
    ASUS ROG Maximus XI Formula Z390
    Memory
    64 GB (4x16GB) G.SKILL TridentZ RGB DDR4 3600 MHz (F4-3600C18D-32GTZR)
    Graphics Card(s)
    ASUS ROG-STRIX-GTX1080TI-O11G-GAMING (11GB GDDR5X)
    Sound Card
    Integrated Digital Audio (S/PDIF)
    Monitor(s) Displays
    2 x Samsung Odyssey G75 27"
    Screen Resolution
    2560x1440
    Hard Drives
    1TB Samsung 990 PRO M.2,
    4TB Samsung 990 PRO M.2,
    TerraMaster F8 SSD Plus NAS
    PSU
    Seasonic Prime Titanium 850W
    Case
    Thermaltake Core P3 wall mounted
    Cooling
    Corsair Hydro H115i
    Keyboard
    Logitech wireless K800
    Mouse
    Logitech MX Master 3
    Internet Speed
    1 Gbps Download and 35 Mbps Upload
    Browser
    Chrome and Edge
    Antivirus
    Microsoft Defender
    Other Info
    Logitech Z625 speaker system,
    Logitech BRIO 4K Pro webcam,
    HP Color LaserJet Pro MFP M477fdn,
    CyberPower CP1500PFCLCD
    Galaxy S23 Plus phone
  • Operating System
    Windows 11 Pro
    Computer type
    Laptop
    Manufacturer/Model
    Surface Laptop 7 Copilot+ PC
    CPU
    Snapdragon X Elite (12 core) 3.42 GHz
    Memory
    16 GB LPDDR5x-7467 MHz
    Monitor(s) Displays
    15" HDR
    Screen Resolution
    2496 x 1664
    Hard Drives
    1 TB SSD
    Internet Speed
    Wi-Fi 7 and Bluetooth 5.4
    Browser
    Chrome and Edge
    Antivirus
    Microsoft Defender
Brink said:
Since this is the Home edition, you'll have "Device Encryption" instead of the full BitLocker.

You would need to use step 2 in option 2 of the tutorial below to enable BitLocker to Unlock OS drive at Startup with PIN and USB.

www.elevenforum.com

Enable or Disable BitLocker to Unlock OS drive at Startup with PIN and USB in Windows 11

This tutorial will show you how to enable or disable BitLocker to unlock the operating system drive at startup with a PIN or USB flash drive in Windows 10 and Windows 11. BitLocker Drive Encryption is a data protection feature that integrates with the operating system and addresses the threats...
www.elevenforum.com www.elevenforum.com

You will then be able to use option 2 in the tutorial below to change how to unlock your OS drive encrypted by Device Encryption with a PIN.

www.elevenforum.com

Change how BitLocker Unlocks OS Drive at Startup in Windows 11

This tutorial will show you how to choose how to unlock your operating system drive at startup with a PIN, USB flash drive, or automatically with TPM in Windows 11. BitLocker Drive Encryption is a data protection feature that integrates with the operating system and addresses the threats of...
www.elevenforum.com www.elevenforum.com
Click to expand...

But are those available on Home with Device Encryption?

And why would anyone need to use both tutorials?
 

My Computer

System One

  • OS
    Windows 11
    Computer type
    Laptop
so, to clarify
Bitlocker (name in PRO), and "Device encryption (name in HOME) are essentially same encryption with different names.

In windows "X" pro, I've used the GPEDIT options to have bitlocker use the PIN at login. with HOME editions, i am essentially doing the same settings, through the registry, i just don't get the GPEDIT easier interface (I'm famiiar with that, i have all my screenshots, etc)

In windows "X" home, I can STILL encrypt multiple attached drives (example, "D:" if partioned, and "P: attached external drive), and ican set them up to all log in automatically at startup, if the correct bitlocker PIN is entered ?

if htat is the case, then i can hold off on upgrading to PRO, because the bitlocker (encrypted disk) features are the main things i need/desire

AND, your tutorial is great also

additional question, when will 24H2 be released?

comments
I back up hte recovery keys of bitlocker. bitlocker forces me to use a USB stick, which is a pain. I've tried to back it up to OneDrive; bitlocker says "can't do this, this is encrypted". I try to back to local "C: drive, same message. or to any external encrypted drive.
I WANT ABILITY to back it up anywhere i want, because I THEN copy it to multiple sites, and into my password manager program, so that i have it stored in several places. There should be a disclaimer of "I understand the world may blow up if i don't do it the way micorosoft recommends....." so that i can do it the way i want to ....

anyway, again, info is appreciated.
nick
 

My Computer

System One

  • OS
    windows 11
BruceR said:
But are those available on Home with Device Encryption?

And why would anyone need to use both tutorials?
Click to expand...
Yes.

You would need to use both. One to enable the ability to use a PIN, and the other to set up the PIN.
 

My Computers

System One System Two

  • OS
    Windows 11 Pro for Workstations
    Computer type
    PC/Desktop
    Manufacturer/Model
    Custom self build
    CPU
    Intel i7-8700K 5 GHz
    Motherboard
    ASUS ROG Maximus XI Formula Z390
    Memory
    64 GB (4x16GB) G.SKILL TridentZ RGB DDR4 3600 MHz (F4-3600C18D-32GTZR)
    Graphics Card(s)
    ASUS ROG-STRIX-GTX1080TI-O11G-GAMING (11GB GDDR5X)
    Sound Card
    Integrated Digital Audio (S/PDIF)
    Monitor(s) Displays
    2 x Samsung Odyssey G75 27"
    Screen Resolution
    2560x1440
    Hard Drives
    1TB Samsung 990 PRO M.2,
    4TB Samsung 990 PRO M.2,
    TerraMaster F8 SSD Plus NAS
    PSU
    Seasonic Prime Titanium 850W
    Case
    Thermaltake Core P3 wall mounted
    Cooling
    Corsair Hydro H115i
    Keyboard
    Logitech wireless K800
    Mouse
    Logitech MX Master 3
    Internet Speed
    1 Gbps Download and 35 Mbps Upload
    Browser
    Chrome and Edge
    Antivirus
    Microsoft Defender
    Other Info
    Logitech Z625 speaker system,
    Logitech BRIO 4K Pro webcam,
    HP Color LaserJet Pro MFP M477fdn,
    CyberPower CP1500PFCLCD
    Galaxy S23 Plus phone
  • Operating System
    Windows 11 Pro
    Computer type
    Laptop
    Manufacturer/Model
    Surface Laptop 7 Copilot+ PC
    CPU
    Snapdragon X Elite (12 core) 3.42 GHz
    Memory
    16 GB LPDDR5x-7467 MHz
    Monitor(s) Displays
    15" HDR
    Screen Resolution
    2496 x 1664
    Hard Drives
    1 TB SSD
    Internet Speed
    Wi-Fi 7 and Bluetooth 5.4
    Browser
    Chrome and Edge
    Antivirus
    Microsoft Defender
TechnologyInThe said:
so, to clarify
Bitlocker (name in PRO), and "Device encryption (name in HOME) are essentially same encryption with different names.

In windows "X" pro, I've used the GPEDIT options to have bitlocker use the PIN at login. with HOME editions, i am essentially doing the same settings, through the registry, i just don't get the GPEDIT easier interface (I'm famiiar with that, i have all my screenshots, etc)

In windows "X" home, I can STILL encrypt multiple attached drives (example, "D:" if partioned, and "P: attached external drive), and ican set them up to all log in automatically at startup, if the correct bitlocker PIN is entered ?

if htat is the case, then i can hold off on upgrading to PRO, because the bitlocker (encrypted disk) features are the main things i need/desire

AND, your tutorial is great also

additional question, when will 24H2 be released?

comments
I back up hte recovery keys of bitlocker. bitlocker forces me to use a USB stick, which is a pain. I've tried to back it up to OneDrive; bitlocker says "can't do this, this is encrypted". I try to back to local "C: drive, same message. or to any external encrypted drive.
I WANT ABILITY to back it up anywhere i want, because I THEN copy it to multiple sites, and into my password manager program, so that i have it stored in several places. There should be a disclaimer of "I understand the world may blow up if i don't do it the way micorosoft recommends....." so that i can do it the way i want to ....

anyway, again, info is appreciated.
nick
Click to expand...
Correct, you'll just need to use the REG option instead to set the policy since you don't have GPEDIT in Home.

Device Encryption is basically a lite version of BitLocker. You can only encrypt the OS drive with Device Encryption and not any internal (data) or external (removable) drives.

The recovery key for Device Encryption is backed up the same way as with BitLocker below. It is recommended to back up to your Microsoft account to make it easier, but either option below will do.

www.elevenforum.com

Backup BitLocker Recovery Key in Windows 11

This tutorial will show you how to back up the BitLocker recovery key for a drive in Windows 10 and Windows 11. BitLocker Drive Encryption is a data protection feature that integrates with the operating system and addresses the threats of data theft or exposure from lost, stolen, or...
www.elevenforum.com www.elevenforum.com
 

My Computers

System One System Two

  • OS
    Windows 11 Pro for Workstations
    Computer type
    PC/Desktop
    Manufacturer/Model
    Custom self build
    CPU
    Intel i7-8700K 5 GHz
    Motherboard
    ASUS ROG Maximus XI Formula Z390
    Memory
    64 GB (4x16GB) G.SKILL TridentZ RGB DDR4 3600 MHz (F4-3600C18D-32GTZR)
    Graphics Card(s)
    ASUS ROG-STRIX-GTX1080TI-O11G-GAMING (11GB GDDR5X)
    Sound Card
    Integrated Digital Audio (S/PDIF)
    Monitor(s) Displays
    2 x Samsung Odyssey G75 27"
    Screen Resolution
    2560x1440
    Hard Drives
    1TB Samsung 990 PRO M.2,
    4TB Samsung 990 PRO M.2,
    TerraMaster F8 SSD Plus NAS
    PSU
    Seasonic Prime Titanium 850W
    Case
    Thermaltake Core P3 wall mounted
    Cooling
    Corsair Hydro H115i
    Keyboard
    Logitech wireless K800
    Mouse
    Logitech MX Master 3
    Internet Speed
    1 Gbps Download and 35 Mbps Upload
    Browser
    Chrome and Edge
    Antivirus
    Microsoft Defender
    Other Info
    Logitech Z625 speaker system,
    Logitech BRIO 4K Pro webcam,
    HP Color LaserJet Pro MFP M477fdn,
    CyberPower CP1500PFCLCD
    Galaxy S23 Plus phone
  • Operating System
    Windows 11 Pro
    Computer type
    Laptop
    Manufacturer/Model
    Surface Laptop 7 Copilot+ PC
    CPU
    Snapdragon X Elite (12 core) 3.42 GHz
    Memory
    16 GB LPDDR5x-7467 MHz
    Monitor(s) Displays
    15" HDR
    Screen Resolution
    2496 x 1664
    Hard Drives
    1 TB SSD
    Internet Speed
    Wi-Fi 7 and Bluetooth 5.4
    Browser
    Chrome and Edge
    Antivirus
    Microsoft Defender
BruceR said:
But are those available on Home with Device Encryption?

And why would anyone need to use both tutorials?
Click to expand...
just as a clarification - in Windows 11 PRO, the Group Policy editor provides an easy interface to set the "BITLOCKER" preferences. but it is essentially controlling the REGISTRY entries that the "WINDOWS "X" HOME section of the tutorial is doing. it just does not have the easier interface to do this . The tuturoal makes it easy to see which registry entries are used.
 

My Computer

System One

  • OS
    windows 11
You must log in or register to reply here.

Similar threads

Bitlocker encryption, Windows 11 Home
2
Replies
22
Views
6K
TechnologyInThe
T
Solved Check status Device Encryption in Windows 11 Home, local account
Replies
13
Views
2K
Comport Colin
C
Solved Windows 11 Home 24H2
Replies
3
Views
593
Winuser
Winuser
How to safely turn off or delete BitLocker on new HP PC Windows 11 24H2
Replies
8
Views
3K
abactuon
abactuon
I have lost Device Encryption in Windows 11 and can't get it back
Replies
4
Views
2K
antspants
antspants

Latest Support Threads

Latest Tutorials

Back
Top Bottom