Privacy and Security Turn On or Off Device Encryption in Windows 11


  • Staff
BitLocker_OS_banner.png

Device encryption (aka: BitLocker automatic device encryption) helps protect your data, and it's available on a wide range of Windows devices. If you turn on device encryption, the data on your device can only be accessed by people who've been authorized. If device encryption isn't available on your device, you may be able to turn on standard BitLocker encryption instead.

Device encryption is available on devices (ex: tablet or 2-in1) that support Modern Standby and running any Windows 11 edition. If you want to use standard BitLocker encryption instead, it's only available on supported devices running Windows 11 Pro, Enterprise, or Education. Some devices have both types of encryption.

Device encryption is turned on by default for devices (ex: tablet or 2-in1) that support Modern Standby.

Reference:

Device encryption in Windows - Microsoft Support

Learn about BitLocker and your encryption options for Windows.
support.microsoft.com support.microsoft.com
docs.microsoft.com

Overview of BitLocker Device Encryption in Windows

This article provides an overview of how BitLocker Device Encryption can help protect data on devices running Windows.
docs.microsoft.com

This tutorial will show you how to turn on or off device encryption in Windows 11.


You must be signed in as an administrator to turn on or off device encryption.

Device encryption uses XTS-AES 128-bit BitLocker encryption method and cipher strength by default in Windows 11. If you would like to use a stronger XTS-AES 256-bit BitLocker encryption method and cipher strength, then you will need to change the BitLocker encryption method and cipher strength before turning on device encryption. If device encryption is already turned on, then you would need to turn off device encryption, change the BitLocker encryption method and cipher strength, and then turn on device encryption.


Device encryption should be suspended or turned off before flashing the system BIOS and when a motherboard or system drive replacement is expected.



Contents



EXAMPLE: Device encryption turned on:

Device_encryption_This_PC.png





Option One

Turn On Device Encryption


1 Open Settings (Win+I).

2 Click/tap on Privacy & security on the left side, and click/tap on Device encryption on the right side. (see screenshot below)

If you do not have Device encryption available, then your PC doesn't support device encryption. You may be able to turn on standard BitLocker encryption instead.


Open Device encryption settings

Device_encryption-1.png

3 Turn on Device encryption. (see screenshot below)

Device_encryption_on-2.png

4 You will now see Encryption is in progress until finished. (see screenshot below)

This may take a while to finish. Do not turn off your PC until device encryption has successfully finished.


Device_encryption_on-3.png

5 When finished, you can close Settings if you like.

6 It is highly recommended that you now backup the BitLocker recovery key used for Device Encryption. You will need to know this BitLocker recover key if you should ever be prompted for it to gain access to your Windows drive.




Option Two

Turn Off Device Encryption


1 Open Settings (Win+I).

2 Click/tap on Privacy & security on the left side, and click/tap on Device encryption on the right side. (see screenshot below)

If you do not have Device encryption available, then your PC doesn't support device encryption.


Open Device encryption settings

Device_encryption-1.png

3 Turn off Device encryption. (see screenshot below)

Device_encryption_off-2.png

4 Click/tap on Turn off to confirm. (see screenshot below)

Device_encryption_off-3.png

5 You will now see Decryption is in progress. until finished. (see screenshot below)

This may take a while to finish. Do not turn off your PC until decryption has successfully finished.


Device_encryption_off-4.png

6 When finished, you can close Settings if you like.


That's it,
Shawn Brink


Related Tutorials

 

Attachments

  • BitLocker_OS.png
    BitLocker_OS.png
    8.9 KB · Views: 141
Last edited:
  • Like
Reactions: CB
Click to expand...
flashh4

flashh4

Well-known member
Member
VIP
Local time
4:41 AM
Posts
597
Visit site
OS
Windows11
Not sure if i am lucky or not but my PC doesn't support device encryption, might just be something else to worry about !!
Chuck
 

My Computer

System One

  • OS
    Windows11
    Computer type
    PC/Desktop
    Manufacturer/Model
    HP HP ENVY TE01
    CPU
    2.90 gigahertz Intel Core i7-10700
    Motherboard
    Board: HP 8767 A (SMVB)
    Memory
    16214 Megabytes Usable Installed Memor
    Hard Drives
    1511.52 Gigabytes Usable Hard Drive Capacity
    1418.15 Gigabytes Hard Drive Free Space
    Keyboard
    Logitech wireless
    Mouse
    M 185 wireless
    Internet Speed
    12 ms Jitter 8 ms Download 10.5 Mbps Upload 1.7
    Browser
    Edge & FF
    Antivirus
    Windows Defender
Brink

Brink

Administrator
Staff member
MVP
Thread Starter
Local time
5:41 AM
Posts
8,464
Visit site
OS
Windows 11 Pro for Workstations
flashh4 said:
Not sure if i am lucky or not but my PC doesn't support device encryption, might just be something else to worry about !!
Chuck
Click to expand...
Hello Chuck, :)

Device Encryption will only be available for devices that support Modern Standby.

If Device Encryption is not available to you, you should still be able to use BitLocker instead unless you have the Home edition installed.
 

My Computers

System One System Two

  • OS
    Windows 11 Pro for Workstations
    Computer type
    PC/Desktop
    Manufacturer/Model
    Custom self build
    CPU
    Intel i7-8700K 5 GHz
    Motherboard
    ASUS ROG Maximus XI Formula Z390
    Memory
    64 GB (4x16GB) G.SKILL TridentZ RGB DDR4 3600 MHz (F4-3600C18D-32GTZR)
    Graphics Card(s)
    ASUS ROG-STRIX-GTX1080TI-O11G-GAMING
    Sound Card
    Integrated Digital Audio (S/PDIF)
    Monitor(s) Displays
    2 x Samsung Odyssey G75 27"
    Screen Resolution
    2560x1440
    Hard Drives
    1TB Samsung 990 PRO M.2,
    1TB Samsung 980 PRO M.2,
    6TB WD Black WD6001FZWX
    8TB WD MyCloudEX2Ultra NAS
    PSU
    Seasonic Prime Titanium 850W
    Case
    Thermaltake Core P3 wall mounted
    Cooling
    Corsair Hydro H115i
    Keyboard
    Logitech wireless K800
    Mouse
    Logitech MX Master 3
    Internet Speed
    1 Gbps Download and 35 Mbps Upload
    Browser
    Google Chrome
    Antivirus
    Microsoft Defender and Malwarebytes Premium
    Other Info
    Logitech Z625 speaker system,
    Logitech BRIO 4K Pro webcam,
    HP Color LaserJet Pro MFP M477fdn,
    APC SMART-UPS RT 1000 XL - SURT1000XLI,
    Galaxy S23 Plus phone
  • Operating System
    Windows 11 Pro for Workstations
    Computer type
    Laptop
    Manufacturer/Model
    HP Spectre x360 2in1
    CPU
    i7-1065G7 3.9 GHz
    Memory
    16 GB LPDDR4-3200
    Graphics card(s)
    Intel Iris Plus
    Sound Card
    Intel SST
    Monitor(s) Displays
    13.3" 4K UWVA AMOLED multitouch
    Screen Resolution
    3840 x 2160
    Hard Drives
    512 GB PCIe NVMe M.2 SSD
    Browser
    Google Chrome
    Antivirus
    Windows Defender and Malwarebytes Premium
flashh4

flashh4

Well-known member
Member
VIP
Local time
4:41 AM
Posts
597
Visit site
OS
Windows11
Hey Brink, yes that is what my system has/had installed !!
So guess i am good there, thanks for letting me know !!
Chuck
 

My Computer

System One

  • OS
    Windows11
    Computer type
    PC/Desktop
    Manufacturer/Model
    HP HP ENVY TE01
    CPU
    2.90 gigahertz Intel Core i7-10700
    Motherboard
    Board: HP 8767 A (SMVB)
    Memory
    16214 Megabytes Usable Installed Memor
    Hard Drives
    1511.52 Gigabytes Usable Hard Drive Capacity
    1418.15 Gigabytes Hard Drive Free Space
    Keyboard
    Logitech wireless
    Mouse
    M 185 wireless
    Internet Speed
    12 ms Jitter 8 ms Download 10.5 Mbps Upload 1.7
    Browser
    Edge & FF
    Antivirus
    Windows Defender
Brink

Brink

Administrator
Staff member
MVP
Thread Starter
Local time
5:41 AM
Posts
8,464
Visit site
OS
Windows 11 Pro for Workstations
flashh4 said:
Hey Brink, yes that is what my system has/had installed !!
So guess i am good there, thanks for letting me know !!
Chuck
Click to expand...
:shawn:
 

My Computers

System One System Two

  • OS
    Windows 11 Pro for Workstations
    Computer type
    PC/Desktop
    Manufacturer/Model
    Custom self build
    CPU
    Intel i7-8700K 5 GHz
    Motherboard
    ASUS ROG Maximus XI Formula Z390
    Memory
    64 GB (4x16GB) G.SKILL TridentZ RGB DDR4 3600 MHz (F4-3600C18D-32GTZR)
    Graphics Card(s)
    ASUS ROG-STRIX-GTX1080TI-O11G-GAMING
    Sound Card
    Integrated Digital Audio (S/PDIF)
    Monitor(s) Displays
    2 x Samsung Odyssey G75 27"
    Screen Resolution
    2560x1440
    Hard Drives
    1TB Samsung 990 PRO M.2,
    1TB Samsung 980 PRO M.2,
    6TB WD Black WD6001FZWX
    8TB WD MyCloudEX2Ultra NAS
    PSU
    Seasonic Prime Titanium 850W
    Case
    Thermaltake Core P3 wall mounted
    Cooling
    Corsair Hydro H115i
    Keyboard
    Logitech wireless K800
    Mouse
    Logitech MX Master 3
    Internet Speed
    1 Gbps Download and 35 Mbps Upload
    Browser
    Google Chrome
    Antivirus
    Microsoft Defender and Malwarebytes Premium
    Other Info
    Logitech Z625 speaker system,
    Logitech BRIO 4K Pro webcam,
    HP Color LaserJet Pro MFP M477fdn,
    APC SMART-UPS RT 1000 XL - SURT1000XLI,
    Galaxy S23 Plus phone
  • Operating System
    Windows 11 Pro for Workstations
    Computer type
    Laptop
    Manufacturer/Model
    HP Spectre x360 2in1
    CPU
    i7-1065G7 3.9 GHz
    Memory
    16 GB LPDDR4-3200
    Graphics card(s)
    Intel Iris Plus
    Sound Card
    Intel SST
    Monitor(s) Displays
    13.3" 4K UWVA AMOLED multitouch
    Screen Resolution
    3840 x 2160
    Hard Drives
    512 GB PCIe NVMe M.2 SSD
    Browser
    Google Chrome
    Antivirus
    Windows Defender and Malwarebytes Premium
Try3

Try3

Well-known member
Power User
VIP
Local time
11:41 AM
Posts
1,379
Location
The proper part of London
Visit site
OS
Windows 11 Home x64 Version 22H2 Build 22621.1413
Do you know of any method of upgrading [Repair install procedure] to Windows 11 that prevents Device encryption being enabled?

Denis
 

My Computer

System One

  • OS
    Windows 11 Home x64 Version 22H2 Build 22621.1413
ThrashZone

ThrashZone

Minor Threat
Power User
VIP
Local time
5:41 AM
Posts
1,412
Visit site
OS
Linux-Mint-Cinnamon-20.2 Win-7-10-11Pro's
Hi,
Where's the reg file to disable this via group policy and maybe registry ?
 

My Computer

System One

  • OS
    Linux-Mint-Cinnamon-20.2 Win-7-10-11Pro's
    Computer type
    PC/Desktop
    Manufacturer/Model
    asus x3
    CPU
    10900k & 9940x & 5930k
    Motherboard
    z490-Apex & x299-Apex & x99-Sabertooth
    Memory
    Trident-Z Royal 4000c16 2x16gb & Trident-Z 3600c16 4x8gb & 3200c14 4x8gb
    Graphics Card(s)
    Titan Xp & 1080ti FTW3 & evga 980ti gaming
    Sound Card
    Onboard Realtek x3
    Monitor(s) Displays
    1-AOC G2460PG 24"G-Sync 144Hz/ 2nd 1-ASUS VG248QE 24"/ 3rd LG 43" series
    Screen Resolution
    1920-1080 not sure what the t.v is besides 43" class scales from 1920-1080 perfectly
    Hard Drives
    To many to list
    PSU
    1000p2 & 1200p2 & 850p2
    Case
    D450 x2 & 1 Test bench in cherry Entertainment center
    Cooling
    Custom water loops x3 with 2x mora 360mm rads only 980ti gaming air cooled
    Keyboard
    G710+x3
    Mouse
    Redragon x3
    Internet Speed
    xfinity gigabyte
    Browser
    Firefox
    Antivirus
    mbam pro
Brink

Brink

Administrator
Staff member
MVP
Thread Starter
Local time
5:41 AM
Posts
8,464
Visit site
OS
Windows 11 Pro for Workstations
ThrashZone said:
Hi,
Where's the reg file to disable this via group policy and maybe registry ?
Click to expand...

I haven't seen a group policy available for Device Encryption yet.
 

My Computers

System One System Two

  • OS
    Windows 11 Pro for Workstations
    Computer type
    PC/Desktop
    Manufacturer/Model
    Custom self build
    CPU
    Intel i7-8700K 5 GHz
    Motherboard
    ASUS ROG Maximus XI Formula Z390
    Memory
    64 GB (4x16GB) G.SKILL TridentZ RGB DDR4 3600 MHz (F4-3600C18D-32GTZR)
    Graphics Card(s)
    ASUS ROG-STRIX-GTX1080TI-O11G-GAMING
    Sound Card
    Integrated Digital Audio (S/PDIF)
    Monitor(s) Displays
    2 x Samsung Odyssey G75 27"
    Screen Resolution
    2560x1440
    Hard Drives
    1TB Samsung 990 PRO M.2,
    1TB Samsung 980 PRO M.2,
    6TB WD Black WD6001FZWX
    8TB WD MyCloudEX2Ultra NAS
    PSU
    Seasonic Prime Titanium 850W
    Case
    Thermaltake Core P3 wall mounted
    Cooling
    Corsair Hydro H115i
    Keyboard
    Logitech wireless K800
    Mouse
    Logitech MX Master 3
    Internet Speed
    1 Gbps Download and 35 Mbps Upload
    Browser
    Google Chrome
    Antivirus
    Microsoft Defender and Malwarebytes Premium
    Other Info
    Logitech Z625 speaker system,
    Logitech BRIO 4K Pro webcam,
    HP Color LaserJet Pro MFP M477fdn,
    APC SMART-UPS RT 1000 XL - SURT1000XLI,
    Galaxy S23 Plus phone
  • Operating System
    Windows 11 Pro for Workstations
    Computer type
    Laptop
    Manufacturer/Model
    HP Spectre x360 2in1
    CPU
    i7-1065G7 3.9 GHz
    Memory
    16 GB LPDDR4-3200
    Graphics card(s)
    Intel Iris Plus
    Sound Card
    Intel SST
    Monitor(s) Displays
    13.3" 4K UWVA AMOLED multitouch
    Screen Resolution
    3840 x 2160
    Hard Drives
    512 GB PCIe NVMe M.2 SSD
    Browser
    Google Chrome
    Antivirus
    Windows Defender and Malwarebytes Premium
ThrashZone

ThrashZone

Minor Threat
Power User
VIP
Local time
5:41 AM
Posts
1,412
Visit site
OS
Linux-Mint-Cinnamon-20.2 Win-7-10-11Pro's
Brink said:
I haven't seen a group policy available for Device Encryption yet.
Click to expand...
Hi,
Sadly I have not either
Has to be a regedit though :/
 

My Computer

System One

  • OS
    Linux-Mint-Cinnamon-20.2 Win-7-10-11Pro's
    Computer type
    PC/Desktop
    Manufacturer/Model
    asus x3
    CPU
    10900k & 9940x & 5930k
    Motherboard
    z490-Apex & x299-Apex & x99-Sabertooth
    Memory
    Trident-Z Royal 4000c16 2x16gb & Trident-Z 3600c16 4x8gb & 3200c14 4x8gb
    Graphics Card(s)
    Titan Xp & 1080ti FTW3 & evga 980ti gaming
    Sound Card
    Onboard Realtek x3
    Monitor(s) Displays
    1-AOC G2460PG 24"G-Sync 144Hz/ 2nd 1-ASUS VG248QE 24"/ 3rd LG 43" series
    Screen Resolution
    1920-1080 not sure what the t.v is besides 43" class scales from 1920-1080 perfectly
    Hard Drives
    To many to list
    PSU
    1000p2 & 1200p2 & 850p2
    Case
    D450 x2 & 1 Test bench in cherry Entertainment center
    Cooling
    Custom water loops x3 with 2x mora 360mm rads only 980ti gaming air cooled
    Keyboard
    G710+x3
    Mouse
    Redragon x3
    Internet Speed
    xfinity gigabyte
    Browser
    Firefox
    Antivirus
    mbam pro
You must log in or register to reply here.

Similar Windows 11 Tutorials

  • Article
Devices Roll Back Device Driver to Previous Version in Windows 11
Replies
0
Views
453
Brink
Brink
  • Article
Privacy and Security Check BitLocker Drive Encryption Status of Drive in Windows 11
Replies
0
Views
7K
Brink
Brink
  • Article
Devices Add or Remove "Open as Portable Device" Context Menu in Windows 11
Replies
0
Views
599
Brink
Brink
  • Article
Network and Internet Change Encryption Level for File Sharing Connections in Windows 11
Replies
0
Views
2K
Brink
Brink
  • Article
Browsers and Mail Send tab to your devices in Microsoft Edge
Replies
0
Views
587
Brink
Brink
  • Article
Browsers and Mail Log Out a Device from Facebook
Replies
0
Views
501
Brink
Brink
  • Article
Virtualization Enable or Disable Advanced Networking for WSA in Windows 11
Replies
0
Views
949
Brink
Brink

Latest Tutorials

Latest Support Threads

Top Bottom