The next feature update for Windows 11 enables automatic device encryption for users of the operating system. This happens automatically in the background and for most users, but there are exceptions.
What is Device Encryption and how does it differ from BitLocker Drive Encryption?
Device Encryption is based on BitLocker, Microsoft’s encryption technology. It is an automatic system that will encrypt the Windows partition and other fixed drives.
In other words: most drives that are internal will be encrypted by Device Encryption.
Encryption protects data on the drives to prevent unauthorized access.
BitLocker Drive Encryption on the other hand is only available for Pro, Enterprise, and Education editions of Windows. It gives administrators control over the technology and needs to be enabled manually.
The change in Windows 11 24H2
Starting with the release of Windows 11, version 24H2, Windows 11 will encrypt drives automatically using Device Encryption in the following cases:
- During first sign-in with a Microsoft account, or work or school account.
- During first set up of the device, if a Microsoft account is used.
Windows 11 will start the encrypting of the drives immediately in the background.
Windows users who create a local account during set up won’t have their drives encrypted. Microsoft notes here that it is possible to do that manually though.
Note: Microsoft is making it harder and harder to set up Windows without a Microsoft account. It is still possible, but most users are probably unaware of this.
Enabling or disabling Device Encryption manually
You need to sign-in with an administrator account to manage Device Encryption. Also, it is possible that the feature is not supported on the device.
Here is how to find out and manage it:
- Select Start and then Settings to open the Settings app.
- Go to Privacy & security > Device Encryption.
If you do not see Device Encryption on the page, it is either unavailable on the device or you are signed-in with a standard user account.
Device Encryption offers a simple toggle to turn the feature on or off.
How to find out why Device Encryption is now available
Here is a step-by-step guide on finding out why Device Encryption is not supported.
- Open the Start menu.
- Type System Information.
- Select Run as adminstrator.
- Scroll down to Automatic Device Encryption Support or Device Encryption support.
- Hover over the entry to see the reason why it is not supported.
What is your take on Device Encryption? Do you use BitLocker encryption on your devices? Let us know in the comments below.
So now M.$ is now moving up from adware to ransomware.
Note: You should do another story about Rufus. I used it when I first installed windows 11 and it I was amazed at how easy it was to install the OS without all the bullshirt usually forced upon you.
Yes, Rufus is excellent for that.