Windows 10 BitLocker will now use software encryption by default

Posted on Monday, Sep 30 2019 @ 13:30 CEST by Thomas De Maesschalck
With last week's rollout of the KB4516071 update for Windows 10, Microsoft changed the default behavior of its BitLocker full drive encryption tool. Previously, the feature would automatically use hardware-based encryption when a disk claimed to support it, but now Microsoft will no longer trust SSD makers and will instead use software encryption for newly encrypted drives.

The software-based encryption will be a bit slower but should be more secure. As Tom's Hardware points out, the reason for this change is that many SSDs with hardware-based encryption do not offer proper security:
"SwiftOnSecurity" called attention to this change on September 26. The pseudonymous Twitter user then reminded everyone of a November 2018 report that revealed security flaws, such as the use of master passwords set by manufacturers, of self-encrypting drives. That meant people who purchased SSDs that were supposed to help keep their data secure might as well have purchased a drive that didn't handle its own encryption instead.
For existing drives, nothing will change.
