After reports of widespread flaws in hardware-based SSD encryption, Microsoft has pushed out an update that defaults BitLocker protection to software-based AES encryption.

Microsoft ’s software encryption for SSDs, BitLocker, has been found to be slowing down SSD performance by up to 45% in Windows 11 Pro.

VeraCrypt supports AES, TwoFish, and Serpent encryption ciphers, and supports the creation of hidden, encrypted volumes within other volumes.

In the upcoming 24H2 update, Microsoft introduced BitLocker encryption as a default feature for Windows 11, ensuring automatic data security on new and clean installations. Previously restricted ...

By default, it uses the AES encryption algorithm in CBC mode with a 128 bit-key, combined with the Elephant diffuser for additional disk encryption security not provided by AES.

Microsoft is warning that modern PCs which support specialized encryption functions for BitLocker and other encrypted drives may be subject to data damage and performance slowdowns.

Enable or disable hardware-based encryption on BitLocker removable drives using Local Group Policy Editor and Registry Editor on Windows 11/10.

What just happened? Most people who buy SSDs and use the baked in hardware encryption capabilities as provided by manufacturers trust their data to be safe. However, it turns out the firmware on ...

How do I change the encryption type of BitLocker? Use the Group Policy Editor as before, but this time select the “Choose drive encryption method and cipher strength”.