28/09/2022

Fibas Tech

Only Good Technology

Configure BitLocker hardware-based encryption for mounted knowledge drives

Configure BitLocker hardware-based encryption for mounted knowledge drives

As BitLocker gives two several types of encryption. This information will will let you transfer between hardware-based and software-based encryption for mounted knowledge drives. It’s conceivable to modify between two encryptions the use of Native Crew Coverage Editor and Registry Editor on Home windows 11/10 PC. Alternatively, your pc will have to strengthen hardware-based encryption as a way to use this variation.

configure BitLocker hardware-based encryption for mounted knowledge drives

To configure BitLocker hardware-based encryption for mounted knowledge drives, apply those steps:

  1. Press Win+R to open the Run steered.
  2. Sort gpedit.msc and press the Input button.
  3. Move to BitLocker Power Encryption > Mounted Information Drives in Laptop Configuration.
  4. Double-click at the Configure use of hardware-based encryption for mounted knowledge drives surroundings.
  5. Make a selection the Enabled possibility.
  6. Set the principles accordingly.
  7. Click on the OK button.

To be told extra about those steps, proceed studying.

For purchasing began, you want to open the Native Crew Coverage Editor in your pc. To do this, press Win+R to open the Run steered, sort gpedit.msc, and press the Input button.

Then, navigate to this trail:

Laptop Configuration > Administrative Templates > Home windows Elements > BitLocker Power Encryption > Mounted Information Drives

Right here you’ll discover a surroundings known as Configure use of hardware-based encryption for mounted knowledge drives. You want to double-click in this surroundings and make a choice the Enabled possibility.

How to configure BitLocker hardware-based encryption for fixed data drives

Now you’ll see and allow two settings:

  • Use BitLocker software-based encryption when {hardware} encryption isn’t to be had
  • Prohibit encryption algorithms and cipher suites allowed for hardware-based encryption

You’ll be able to allow those settings through ticking the corresponding checkboxes. In spite of everything, click on the OK button to save lots of the trade.

Configure BitLocker hardware-based encryption for mounted knowledge drives the use of Registry

To configure BitLocker hardware-based encryption for mounted knowledge drives the use of Registry, apply those steps:

  1. Seek for regedit and click on at the seek consequence.
  2. Click on the Sure button.
  3. Navigate to Microsoft in HKLM.
  4. Proper-click on Microsoft > New > Key and identify it FVE.
  5. Proper-click on FVE > New > DWORD (32-bit) Worth.
  6. Set the identify as FDVAllowSoftwareEncryptionFailover.
  7. Double-click on it and set the Worth knowledge as 1.
  8. Create every other REG_DWORD price named FDVHardwareEncryption.
  9. Set the Worth knowledge as 1 to allow.
  10. Create every other REG_DWORD price named FDVRestrictHardwareEncryptionAlgorithms.
  11. Set the Worth knowledge as 1 to allow.
  12. Proper-click on FVE > New > Expandable String Worthand identify it as FDVAllowedHardwareEncryptionAlgorithms.
  13. Double-click on it to set the Worth knowledge as 2.16.840.1.101.3.4.1.2;2.16.840.1.101.3.4.1.42.
  14. Restart your pc.

Let’s take a look at those steps intimately.

First, seek for regedit within the Taskbar seek field, click on at the seek consequence, and click on the Sure button within the UAC steered to open Registry Editor. Then, navigate to this trail:

HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoft

Proper-click on Microsoft > New > Key and identify it as FVE.

How to enforce BitLocker drive encryption for removable data drives

Proper-click on FVE > New > DWORD (32-bit) Worth and identify them as follows:

  • FDVAllowSoftwareEncryptionFailover
  • FDVHardwareEncryption
  • FDVRestrictHardwareEncryptionAlgorithms

How to enforce BitLocker drive encryption for removable data drives

Following that, double-click at the FDVHardwareEncryption and set the Worth knowledge as 1.

How to configure BitLocker hardware-based encryption for fixed data drives

Subsequent, double-click on the remainder of the 2 REG_DWORD values and set the Worth knowledge as 1 to allow and to disable.

As soon as completed, right-click on FVE > New > Expandable String Worth and set the identify as FDVAllowedHardwareEncryptionAlgorithms.

Subsequent, double-click on it and set the Worth knowledge as 2.16.840.1.101.3.4.1.2;2.16.840.1.101.3.4.1.42.

In spite of everything, shut all home windows and restart your pc.

Learn: The Startup choices in this PC are configured incorrectly Bitlocker error

How do I make BitLocker use {hardware} encryption?

You’ll be able to make BitLocker use {hardware} encryption as a substitute of application encryption with the assistance of the Native Crew Coverage Editor or Registry Editor. For that, you want to open the Configure use of hardware-based encryption for mounted knowledge drives surroundings and make a choice the Enabled possibility. Then, take away the tick from the Use BitLocker software-based encryption when {hardware} encryption isn’t to be had checkbox and click on the OK button.

Learn: Flip On BitLocker for Home windows Machine Power with out TPM

Does BitLocker use {hardware} encryption?

Sure, BitLocker might use {hardware} encryption so long as your pc has the ability. If hardware-based encryption isn’t to be had in your pc, BitLocker might use software-based encryption. If it is for the detachable force or mounted force, the coverage is identical for all.

That’s all! Hope this information helped.

Learn: Flip On or Off Auto-unlock for BitLocker Encrypted Information Drives in Home windows 11/10.

How to configure BitLocker hardware-based encryption for fixed data drives