BitLocker is a feature of Windows 10 that aims to encrypt the disk drive, to protect its content, against unknown or unauthorized users. When a device stores data of high confidentiality or value, this encryption is very important.
Even if you do not consider it, you are constantly exposed to threats both online and internally, BitLocker has shown a high level of protection. However, they were recently found SSDs malfunctionif this is your case, we will teach you how to solve it.
How is the status of BitLocker checked in Windows 10?
Surely the reasons why you decided to protect your drive with BitLocker are related to yours high security against information theft. In most cases it is usually a good solution, so if you meet the hardware features you see and learn how to enable BitLocker on Windowsthis is still an excellent security decision.
Now, in the face of malfunctions with SSD or solid state hard drives, Microsoft itself has recommended disable hardware encryption to then modify the software encryption, with this we block the access to the encryption passwords when it is deactivated.
If you think that you are among the users who need to implement this configuration, the first step is to test that theory checking current encryption of BitLocker, this is accomplished as follows:
- In the search section of the start menu, type “CMD”, in the displayed “command prompt” option, right-click and run as administrator.
- Now enter “Manage-bde.exe -status” and press enter.
- The terminal will return one Total BitLocker evaluation, from Version, Media Encryption Percentage, Method used, protection and lock status, auto unlock option and more.
What are the different methods for disabling BitLocker encryption?
If after encrypting a USB or hard drive using BitLocker and performing the status check, just described, you have found vulnerabilities In security, the next step is to disable encryption, there are several methods you can use and now we will explain them in detail.
The PowerShell console interface, via command lines, allows manage the various BitLocker tools in simple steps, from setting and removing the password to access a USB to disabling the same BitLocker. This time, it is precisely what we are going to use it for today, as follows:
- The first thing is to access the PowerShell console as an administrator, go to the search section of the start menu, type “PowerShell” in the option shown, right click and select “Run as administrator”.
- You will see a new terminal window in which you will enter this statement “Enable-BitLocker -HardwareEncryption: $ False”, Immediately press the Enter key. Disabling BitLocker on your Windows 10 computer will be ready.
From group policies
Enterprise, Pro, and Studio versions of Windows 10 allow you to directly access the Group Policy or Policy Editor (gpedit.msc). This is a very useful opportunity in a corporate environment, because you can do it in a more precise way configuration changes of the operating system.
If your computer is not state-of-the-art, but you managed to access “gpedit.msc” in order to activate and use Bitlocker protection without TPM, or it may be a business-sharing device, you may already know , which through this same editor, is possible disable BitLocker encryptionby performing these steps:
- Simultaneously press the “WIN + R” keys, this will open a “Run” window quickly.
- It is time to enter “gpedit.msc” to open the Group Policy Editor.
- A new window will appear with a number of folders in which to locate the following address Computer Settings> Administrative Templates> Windows Components> BitLocker Drive Encryption> Operating System Drives.
- Now, find in the center panel the policy called “Configure the use of hardware-based encryption for operating system drives”, there you will double-click to open it.
- The edit window will be displayed, where you must tick the “Disabled” option, apply and accept to update the changes, so BitLocker protection is disabled in your Windows 10.
In the record editor
If you do not have a professional Windows 10, then you can choose to use the Registry Editor, which is integrated in all versions, to remove BitLocker encryption in an equally simple way. To modify this parameter, the first thing is:
- In a run window, launch the following “Regedit” command.
- You will get a new window with a set of locations, be sure to follow the next path very carefully, HKEY_LOCAL_MACHINE> SOFTWARE> Policies> Microsoft> FVE.
- If you do not find the last “FVE” folder, you have to create it, in which case by right-clicking on “Microsoft”, choose the “New” option and then “Key”, to finish naming the file “FVE”.
- Now hover over the newly created key and right-click on an empty space, select “New / DWORD Value (32-bit)” and name it “OSAllowedHardwareEncryptionAlgorithms”
- Immediately double-click on the value to open the edit window, under “Value information”, enter a number “0” and click on “OK”. You will have the Bitlocker encryption override on your SSD ready.