BitLocker soon also for Windows 11 Home: Data protection with risk of data loss
8/5/2024
When reinstalling Windows with version 24H2, inexperienced private users could soon have a problem: Windows automatically activates data encryption with BitLocker.
Encrypting your own data and protecting it from unauthorised access is actually a good thing. BitLocker has been doing this on Windows since Vista. However, it was previously only available for the Pro, Enterprise and Ultimate editions. With the new Windows 11 version 24H2, encryption is now also activated automatically when Home versions are reinstalled. And if you don't realise this, you may lose access to your own data.
More security with BitLocker
BitLocker is a drive encryption function integrated into Microsoft Windows. It encrypts all data on the system drive and other integrated drives, but not external drives such as USB sticks. This is indispensable for companies and when portable devices such as laptops are lost.
If the computer detects unauthorised access, for example if certain changes are made in the UEFI or if a boot stick is used, it prompts you to enter the recovery key. Without it, access to the data on the hard drive is not possible.
Encryption, potentially without the user's knowledge
BitLocker was already available for Home systems with Windows version 23H2, but was not activated by default. This will change with 24H2: data encryption will be carried out automatically after a new Windows installation. Jürgen Breuer from the tech blog Deskmodder drew our attention to this change. However, it also harbours risks for users. Private individuals often do not know what BitLocker is and therefore have no reason to retrieve and save the recovery key.
If the encryption takes place without the user's knowledge and they do not know the key, they can lose access to their data. Breuer cites a Windows reinstallation after encryption as the worst-case scenario. The reinstallation itself can be done, but additional drives are still secured with the old key. Without that key, there is no chance of decrypting the data again.
The topic is not entirely new. At the beginning of 2023, there were reports that OEM Windows versions were already affected. Some device manufacturers activate the encryption option in the UEFI in advance. Windows then carries out the encryption without the buyer being aware of it. Many of those affected report that the request to enter the key took them completely by surprise.
Save the key or deactivate BitLocker
So it's best to check whether BitLocker is activated on your Windows device. To do this, search for "BitLocker" and click on "BitLocker management". If you see that your data is encrypted, you should display the key and keep it safe. Alternatively, you can also undo the encryption. For private computers, the risk of unauthorised access should be relatively low, with the exception of mobile devices such as notebooks and convertibles.
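The same check can be run from an elevated PowerShell prompt. The following is an added example, not part of the original article: it lists every drive's encryption state and its recovery keys, including the additional data drives that keep their old key after a reinstallation. It assumes the BitLocker PowerShell module (`Get-BitLockerVolume`) is present on the installed edition; the function name `Get-BitLockerRecoveryReport` is made up for this example.

```powershell
#Requires -RunAsAdministrator
# Added example: report which drives are encrypted and show their recovery keys.
# Assumption: the BitLocker module (Get-BitLockerVolume) is available on this system.

function Get-BitLockerRecoveryReport {
    [CmdletBinding()]
    param()

    foreach ($vol in Get-BitLockerVolume) {
        # Recovery passwords are the 48-digit keys Windows asks for at the recovery prompt.
        $recovery = @($vol.KeyProtector |
            Where-Object { $_.KeyProtectorType -eq 'RecoveryPassword' })

        # Anything other than FullyDecrypted means data on the drive is (partly) encrypted.
        $encrypted = $vol.VolumeStatus -ne 'FullyDecrypted'

        $advice = if (-not $encrypted) {
            'Not encrypted: nothing to save.'
        } elseif ($recovery.Count -eq 0) {
            'Encrypted, but no recovery password protector was found on this drive.'
        } else {
            'Encrypted: store the recovery key(s) below somewhere off this PC.'
        }

        [pscustomobject]@{
            Drive            = $vol.MountPoint
            VolumeType       = $vol.VolumeType          # OperatingSystem or Data
            VolumeStatus     = $vol.VolumeStatus
            ProtectionStatus = $vol.ProtectionStatus    # On or Off
            EncryptedPercent = $vol.EncryptionPercentage
            RecoveryKeyIds   = $recovery.KeyProtectorId
            RecoveryKeys     = $recovery.RecoveryPassword
            Advice           = $advice
        }
    }
}

# One block per drive; copy the keys to paper or to storage that is not on this PC.
Get-BitLockerRecoveryReport | Format-List
```

Keep the key ID together with each key: the recovery prompt shows the ID, which tells you which stored key belongs to which drive.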
Disabling can also be useful if the constant activity of BitLocker slows down your system. Apparently, the SSD speed can decrease by up to 45 per cent when BitLocker is activated.