I'll guess when bitlocker asks for the key and you don't have it. What was worse, many bitlocker W10 home version users found out that Microsoft didn't have it either.
@@Lofote Let's face it: most people, even if they do write down that long number, can lose it. C'mon! How many times have you written something down or printed it out, thought you put it in a safe place, then forgot where you put it? It happens. It's human nature.
Totally agree with you Brian. I have a fancy that this is going to cause problems for the normal "Home" user. If they don't understand any of this, they are at risk of losing data if something goes awry. Best to be OFF by default but encourage use, and set it up from scratch. There are going to be people that do not note the encryption key. It could all end in tears, as Microsoft instigates something at half-cock. Of course, if you lost everything, Microsoft's EULA will deny all responsibility.
@@Britec09 You can turn it off in Regedit: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Bitlocker New Dword 32-bit named "PreventDeviceEncryption" Set data value to "1" Click "OK" Exit Regedt {with acknowledgements to "Windows Latest", that you mentioned in your video.}
@@Britec09can the complete Ms bitlock drive be third party imaged so if the drive fails the owner has a fall back. I wouldn’t doubt someone at MS is making an update to stop the above regedit.
Sorry but I just want to clear up some confusion. My Windows 11 license has been inherited from a very old Windows 7 license through upgrade cycles. I have had Pro editions of Windows before but as of right now my Windows 11 is "Home" edition, BitLocker is completely unavailable in this edition even in the classic Control Panel. I figure most "Home" users would thankfully be using only the "Home" edition as well, meaning that they might not even have this feature. Same way I don't have access to the "Windows Sandbox". Are they really turning this on for "Home" editions? This feature is useful for people who move their PCs around a lot (laptops) and other mobile professionals, but those people are already aware and likely have a different work computer.
@@quademasters249 On which account? as PC's can have multiple accounts. Do you see where the user confusion happens, they hunt for a key on their account that doesn't exist. Also people delete/change MS accounts, opps what key where?
@@quademasters249 People are fine with it and THAT is the problem. I still remember (as a developer) back in 2000 when users would fall on you like a ton of bricks if your application did something on the Internet (even if it was perfectly legit). Now? Nobody cares. We are being slowly boiled in hot water like the proverbial frog. This is obviously not going to end well - just wait until money becomes digital and the social credit system is introduced everywhere. 1984, anyone?
Now lets think about this. Jusst 6 months ago Microsoft said bit locker slows down ssd's by 40%. now why would anyone wanna a program that would do that to be running by default. If they didn't fix the issue then lots of users are fixing to get screwed.
What is one of the most common things people get told when their computer can't run software fast enough? Get a new computer. This means buying a new PC from their OEM of choice giving Microsoft another Windows sale and the OEM another sale on their stock of computers. Now will it solve the problem, no. But it will generate some sales.
It can potentially be improved to be less than 40% but ultimately it's an encryption/decryption process that is constantly running on the computer, so it's always going to be a slow down on the system. Personally this security measure is best used on drives that are used for storage, not the main drive for the OS. That Microsoft is shoving this into our throats is just bad, they think this is the future, but I still remember what they said about Windows 10, that it was going to be the last and ultimate OS. Now I hear that Windows 12 is coming, do they still believe their own bullshit?
It's easy enough to turn off, but the average user might not even know it's enabled or if they do how to turn it off. There-in lies the problem. The average user might be unaware until it's too late.
@@wildbill4496 I could only turn it off on my ROG ALLY, By using the command prompt. One of my friends got his OS corrupted on his ROG ALLY when He tried using a restore point, After it did it's thing he was prompted to use the bitlocker recovery key, He wasnt even aware that bitlocker was turned on by default. He had to resort to the ASUS cloud recovery service, Because windows refused to boot after typing in the key.
Bitlocker became mandatory due to the sensitive nature of collected personal data. Standard editions of Microsoft Windows 11 are clearly spyware pretending being an operating system. With so many personal data collected, preprocessed and compiled by Windows, Microsoft could be sued, if somebody steals your computer and abuses your data. While TPM 2.0 can mitigate this problem, only a harddisk encryption can circument it. Whoever wants less telemetry, has to pay a monthly fee of USD 31…35 (dependend on the volume licencing agreement). After the initial purchase, of course. This edition is termed Windows Enterprise and is neither sold as a retail version, nor as OEM-edition. Since Microsoft 365, we know, Microsoft will switch to a subscription model with Windows. This is the Economy 4.0. Why to own something, when you can get it by a monthly subscription fee?
I would say more that half of the PC users don't know what bitlocker is and have no idea where the key is located. Then add to that which user account it was created under, forget user password, issues with password recover/reset. This is guarenteed to lose more data than it will ever protect it from theft.
This is why I started switching my PCs to Linux Mint, so much bloat, so many headaches, with Mint I can just install my games, and it boots up in 2 seconds.
Your GPU is fine to swap, but the Bitlocker encryption uses your devices TPM module "usually it is an actual removable chip on the MB or built into the CPU also called fTPM". If you swap the MB/CPU you will most likely need that Bitlocker Key to recover the data, or preferably make sure the drive is not encrypted before making the switch. Idk how the forced Bitlocker thing will work on newer Windows PCs & I would de-crypt it immediately if you do not think you will be able to securely keep a copy of that key. Bitlocker is only on Windows 11 Pro? Somehow Pro has ads too... There is really hardly a difference between the two versions now... almost sounds like the pro version is worse? Linux has this option on some OS's for Free but of course I don't do it because I don't trust myself to keep that key stored some ware safe and not lose it.
Yes, if you lose your key, you cannot access your data. I saw a video made by a computer technician and he recommended not logging in with a Microsoft account and not enabling BitLocker. It may not be for home users
Instead of freaking out and fearmongering all, why did the comp technician neglect to showcase the method of navigating to aka·ms/myrecoverykey, not to mention the ability to print out the key (to a file) and save to a USB?
The only reason for this is so at some point in the future Microsoft can start charging a subscription fee for the use of windows. Fail to pay your subscription fee and you're locked out of your own computer.
Definitely becoming an Orwellian system.. little by little. I'll bet most people don't even realize Microsoft is tracking everything you do on the computer by default.. even down to your search box entries. Imagine if they decided to start using all this information against people down the road?
Had many customers over the years who have no clue or no the key, very costly lessons for them, I hope MS back track on this just to save people having issues or not knowing what to do
Thanks for the heads up! Fortunately, my computer doesn't meet the requirements for Windows 11 (processor). I'll bear it in mind when I build my next machine and probably install Linux instead 🤣
Microsoft and I have very different definitions of what personal computer means. My new machines are getting Linux installed. At least my windows machines have some great components to donate to my Linux boxes when Redmond crosses the line.
I've been using Linux Mint Cinnamon for a couple months and I love it. No headaches.. no mysterious changes to your OS in the middle of the night, no spying, no viruses... I have it customized perfectly to my liking. I have some Windows computers for my games, but I fired Windows 11. All my daily drivers are Linux powered. It's worth trying it out anyways.. and it costs zero dollars.
i dual boot mint and windows (but to be fair i'm using mint MORE than 99% of the time), and i still can't sip tea. this will still affect me even though i dual boot windows 10. imagine helping people being fck'd by this. it's going to be hell
@@dansanger5340 it doesn't encrypt your drive by default. It asks you what you would like to do. you can still have a password to get into the pc. and unless someone else is using Linux or know that you do. if they plug your drive into a window's machine, it will see it as nothing there and ask if you want to format the drive. As it uses a different file system to windows. So for me that is low level encryption that is good enough for me. Without the risk of loosing my data due to an encryption program like Bitlocker messing things up for you. I'm not carrying any state secrets.
using my custom win11 install on my mini pc sipping tea, coffee or whatever is in the cup at that time mainly because it has auto hdr which linux does not, does linux even support hdr or you need 50 shamans to get it to work? lol
@@Britec09 Yes, Windows 11 Home on my HP Omen encrypts the drive every time you restore it. But I always turn off the encryption once I get back in to Windows
I agree with Brain. This is already a problem. I work in a big box store and all systems are now bitlocked out of the box. I just had to decrypted a drive today and the customer never new that her drive was encrypted. It is and will continue to be a problem.
It's just an option you switch on, that encrypts your drive incase your computer is lost, stolen or compromised. If you lose your looong key then you're screwed.
Bitlocker also (same as any encryption application) slows down gaming performance. Some gamers, who may keep a portable “Steam library” drive, may be affected less than other gamers, but this still hurts the majority of PC games if they use Windows 11 (which is the only OS that properly manages P+E core CPUs)
What's with Microsoft yes I understand them wanting to improve security but shouldn't the end user have the choice here also microsoft should really be informing the end user about Bitlocker and how to use it. A common error that was made because the end user really had no idea about what Bitlocker was they would store their keys on their systems and when things went wrong they couldn't access their data and neither could IT repair shops. Microsoft should give people the option on install to have Bitlocker or not this is another bad move forcing this on the end user.
@Britec09 Hi Brian. Just curious, with drive encryption, what happens when a sector is damaged somehow, can you still decrypt the hard drive? I'm a bit fuzzy on this encryption, if you encrypt a file and that get damaged, you lose it right? But what happens when the whole drive is encrypted? Cheers mate.
@@itstheweirdguy Thanks for your reply, but, yes I back up my data all the time, I use syncback pro. But, the question i'm asking, is, If just 1 sector is damaged, are you able to log back into an encrypted drive. Have you had experience or are you just googling the answer?
@@Zendukai I clone hard drives and ssd's all the time, it really depends. I've never seen one single bad sector be a showstopper on a bitlocker volume or a non bitlocker volume. I've been able to decrypt those drives in windows and clone them. It's rarely just one sector by the time you notice though.
@@itstheweirdguy Thanks, I haven't had anything to do with encrypting a full hard drive, so as long as we can still decrypt a hard drive with errors, I feel a bit safer. I have been using a computer since windows 95 lol. The times that I encryted a file and an error was found, that file was lost to the universe, so encrpting a full drive I was thinking I would lose the lot.
Hi Brian, thanks for the video. I don't like that when reinstalling or clean installing, Windows 11 automatically starts encrypting the disks. I think it should be up to the user to decide whether they want BitLocker on or off. However, you can prevent Windows 11 from encrypting your disks during installation by modifying the installation image or tweaking the registry during installation. If you use Rufus when you do a clean install, it has a box where you can disable BitLocker automatic device encryption. Sure, BitLocker can be good to have turned on for better security, but it can also create problems, as you also mention in your video take care, Brian, and have a nice Thursday.
disable tpm and secure boot in bios and make a custom win install, not a rocket science but i don't expect average joes and janes doing that or having 5 minutes away from their fb or insta posts to do basic research
it's pretty straight forward, it's like a 2 or 3 step process. Type "bitlocker" into the start menu, click "Manage Bitlocker", go to the drive that it's enabled on, then select "Turn off Bitlocker"
This makes more sense for laptops than desktops. For laptops that get taken to/from the office/school/hotel/etc. this makes a lot of sense to have enabled and it's something I do on my Linux laptops. On the desktop, now it's a debate to be had. Desktops don't move from place to place very often. At most they may move around a building from furniture arranging at home to changing locations in a building at work. However, the desktop is generally fixed in place. It's not as likely to be stolen as a laptop is (though the chances aren't zero). My guess is, this gives people more reason to keep up with their cloud backups of their data (which Microsoft just happens to have OneDrive to handle that). As people get burned by losing their data when they get locked out of it (would not surprise me if a Windows update causes it at some point given their track record), people will be more likely to want to make sure they have a backup of their data and guess who has a built in option in Windows to do just that? Microsoft who is pushing AI onto people. The same AI that'll be integrated into OneDrive. Nobody knows what that means yet for their data privacy (Microsoft has NOT been clear on this so we honestly don't know), but you can see how one feature change can quickly tie into something else without a hole lot of thinking here.
This means people will need to do more to make sure they are backing up. I've mostly moved past the need to backup critical files with multiple access way to get to critical information I need.
I need Bitlocker about as much as I need one drive, or microsoft cloud service, which is not at all. If I'm forced to install it, I'll pull it out by its roots if I have to. A forty percent slowdown on my SSDs would be worse than going back to using HDDs.
I remember my dad's laptop had bit locker enabled by default by the manufacturer and the key got corrupted and took weeks of chasing up the manufacturer to get them to do something about it.
@Britec09 *THANK YOU* for this heads-up!😁🥰👍 I have a new laptop running Win 11. Turning BitLocker OFF (from its default ON-state) has *Thank Goodness!* the consequence that all the data is automagically DEcrypted. This is imho *not at all* an obvious consequence. One might (with Windoze) expect to be required to separately, manually opt for decryption. Dunno how long the ENcryption takes, but DEcryption of 134 GB (144 GiB) on an SSD took over 2 hours with NO user-apps running. This is a guesstimate' the 1st 40% took about an hour, the rest happened during my nap of about 2.5 hours. According to the Task Manager the SSD was being used 100%, the CPU ran at 23%, memory-use was around 5 GB. (Now, with only the Vivaldi browser running, CPU is at 2-3%.)
my friend's laptop was doomed after he installed the windows update, his important files were gone cuz microsoft automatically enables it and asking for the recovery key that he didn't set, he is using windows 11 home, basically it looks like a ransomware, we ended up reinstalling windows 11 to make his laptop usable again
Bitlocker on Windows Pro has been the default since Windows 10 v20H2, I believe (possibly even as far back is 1907). It was automatically enabled if you installed with a Microsoft account. Microsoft didn't even tell OEMs that this was happening. Worked tech support for a major PC vendor for 25 yrs up until 2023; this was one of MS's biggest headaches. It got to where, when I had to walk a customer through an OS reinstall, I asked them if they wanted BitLocker, and showed them how to disable it after the OS install completed and advised doing it before installing any drivers, updates, or apps, since the more data on the system, the longer it takes to decrypt the drive. So this is actually very old news.
Just as well I've paused my updates until 2032 than isn't it? My friend had a PC that he wanted to have by the side of the TYV, so I installed 11, stupidly let it update and then he decided to change the old drive out to a new SSD, so I cloned it and then swapped it, set it to boot in the BIOS and there it was, a bitlocker key was needed. It was a hell of a job as we couldn't use that PC to go online to get it. Luckily he had decided to create an MS account during setup[ but we had to go to my house on my computer for him to log on and get the key, then we had to go back to his house and enter the ridiculously long key before his system would boot from the new drive. I immediately turned his bitlocker off and paused his updates until 2023.
Thanks for posting this!. I'm a normie home user in the midst of migrating to a new PC with 23H2 and no idea what BitLocker is. Will probably shut it down at least until I can learn how to use it.
Brian, thank you for your outstanding videos. I was recently forced to upgrade to Win11 Home on my laptop. At least Classic Start Menu solves a lot of useless GUI issues. In any case, with Win11 Home installed, I was thinking of upgrading it to Win11 Pro. Now, when 24H2 is rolled out, will BitLocker be activated on updating (Home or Pro). This isn't a new instillation, but update to and existing one. Also, in this update process, will I be able to disable BitLocker before it's installed? Thanks, Bill
I worked with Bitlocker since it's inception years ago. The performance hit was brutal on all computers. Even SSDs got seriously affected. Gaming machines will suffer. Not only that, some updates would force you to reapply the key which will be an issue. And at that time, no MS account was required.
It is not only users that forget the BitLocker code. The computer itself might not recognize it. And does even say that the saved file is invalid. What then? Or your Windows crashes, and you could under normally conditions hang the drive in a second system and save the documents (because not everybody is strong in backups.) That will be a big issue in the future. But help is on the way. Put all your documents in the cloud (or nas). And by accident, Microsoft sells cloud storage. It only makes them stronger.
It's great that they will allow it to be used in the home version. But damn, nothing I do on all of my PCs but one, is not important enough to need encryption. It should be simple for them to prompt the user during installation to keep bitlocker enabled or disable it and explain the risks of each. I tried explaining bitlocker and encryption keys to my elderly mom and honestly, she thinks a key like a car key will have to be used to turn on the PC.
Next step: Stealthily migrate the decryption key to the cloud and paywall it like they did with people's user folders using OneDrive and Storage Sense.
It's a mightmare. I think about the people that only work with the computer... with basic knowledge. If you finish in the "limbo" with C: encrypted e no Microsoft account, I have no idea... Windows it's like a ransomware.
I have been using bitlocker since the beginning of windows 10 and I still use it in 11. I do not see any performance issues and many cloning programs understand bitlocker and have options to read its data from the recovery environment
Microsoft already did it with "Device Encryption" (Stripped down Bitlocker for Home edition). Lots of laptops sold are with "Device Encryption" turn on by default. Most of the users don't even know such a feature exist!.
My company failed to inform people in advance about Bitlocker and now some admins of critical infrastructure are locked out of their PC. As far as I understood they turned off there notebooks while the encryption was still running.
Enabling is dependent on both UEFI config support and multiple hardware support requirements. I have a current model ASUS W/Station board running a 14900 CPU and msinfo32.exe reports that it is NOT compliant with automatic device encryption, due to a number of hardware related factors. In other words, it will depend on the hardware MFGs to provide support for this.
Well that is my issue with it. I have workstations come into the shop all the time with bitlocker turned on but the person no longer has the key or access to the account they installed it with. If the system is not bootable I have no way of getting their data off of it. I think the risk of losing data to a non booting system is higher than the risk of losing your laptop and someone stealing something vital. And if you have a crypto wallet stored on it either of those things happening is the same outcome.
Hey man, any chance you do a series on linux? ive tried watching other people explanations and demonstrations but you always seem to explain things in a much better way
I think most people are more worried about losing their photos, music, documents, videos etc. USB and SSD drives lose their data if left unused after a few months, with HDD's a bit longer. The Key appears to be 32 digits long, so write it down, or print it out.
Between this sort of thing and the XBox division seemingly imploding, I'm really hoping to see MS booted down quite a few rungs on the monpoly ladder. I fckin love to see it.
I had BDE enabled on my ThinkPad even with fresh install windows 11 22H2. Dunno if it required a SED NVMe. It is synced to msft account which was added to sync office key activation. Didn't see any loss in performance on Toshiba BG5 with ThinkPad L14G3 AMD
@@itstheweirdguy isn't that misinformation which can make huge percentages of data accessible to anyone with physical access? I have incompatible hardware with w11 and it is very slow with VBS hardware compared to shiny new PC bought few months ago
This all seemed scary until I had a look at encryption settings and found a switch to switch encrypting off, which then reverses the process, and you are back to normal. So it's just a matter of making sure you make a note of any key, if this is forced on you, and then just undoing the encryption. If you need to encrypt any disk, just right click on it and choose the option. None of my Windows machines have any encryption forced on them, and one was only installed from new with an oem digital key last week.
I did a fresh install of windows 11 home and it was turned on. I didn't use a microsoft account so would have been locked out if I had a failure. Thanks to you it was an easy toggle off and wait a few minutes. I also noticed a find your recovery key that takes you to microsoft button, where a video tells you where to look and if you can't find it format your device. Not Good
I'm not very tech savvy I just play games and make music. I don't want bitlocker on my PC. If I update to this will it prompt me to save my key or will it just stealthily enable bitlocker?
It is time to migrate backups to external data storage where you can control your own encryption (if you know what you are doing) And I do not mean onedrive. If ms forces it on I migrate to linux. ps. bitlocker also slows down ssd's to a crawl, still faster than a hardrive but nowhere nvme speed.
I watch from the Linux cheap seats. Can I just grab some of your popcorn? This clowncar of a megacorp going downhill is pure entertainment. I wouldn't trade our front seat for all the opera in the world. Nice beer. There it is! The clowncar! It's going past now. What? It's come to a halt. Bitlocker has seized up the engine! Oh no! But more popcorn! Yeah yeah! That's entertainment. Does Sammy Davis Jr tap dance.
Why must MS enable all settings by default? Why not let the use choose? Ok, not all users care or even know there are settings to change. But the average MS user isn't stupid. I just always found it annoying they turn everything on.
ah microsoft, heads up from people's concerns, for my opinion, tell them whether to turn on bitlocker during installs, rather than forcing them which causes billion users that use windows potentially broke their data
"Secure by default" is sort of the mantra in security circles these days. As you said, most users probably think that enabling a login password on their Windows laptop means that their data is safe if their laptop is stolen. While this change might cause a lot of heartache for people who don't follow Microsoft recommendations on saving their Bitlocker key, it might also prevent a lot of heartache for people who get their laptop stolen.
They are migrating to a subscription model. How are they going to lock you out of your own files if your files aren't encrypted in case you stop to pay? If you want something open you should use Linux.
Yesterday I launched a Live USB with Zorin OS, then restarted the PC and turns out BitLocker was activated. I never activated BitLocker. They arent just forcing new installs to have bitlocker, my notebook is NOT a new install, and bitlocker got activated anyways. Thankfully, six months ago, when I first powered on the notebook I put my microsoft account as soon as the notebook told me. But no Bitlocker setting showed up. They are lying, they aren't just forcing it on new installs. They are also activating it on some old installs even though you were never asked.
I use Linux mint on my laptop. its only use as a daily driver for web browsing, e-mail , word processing and you tube, also use it as a Linux plex server works well. x cant jump ship as lots of software i use wont run in Linux. still using win 10 pro on my desktop with bit locker off.
@@gerydblackmore5484 And yeah, I get that. Wine, the Windows compatibility layer, keeps making leaps and bounds all the time, but there's just some proprietary Microsoft sorcery that just can't be recreated no matter how hard open-source developers try, plus the fact that it's locked behind copyright laws and B.S. like that.
Disabling bitlocker is easy. All you do is go into settings, privacy & security, encryption and turn it off and answer yes or OK and wait. Easy. Tested in the latest 24H2. It is not hard to disable. Never has been.
The real lesson people need to learn is "Back Up Your Data". Whether it's bit-locker , a failed drive, a virus, stolen device or whatever the reason, data loss is data loss. If the data is important to you then back it up.
The lesson YOU need to learn is that many of us are sick of MS's 'We know best for you' decisions being forced upon us when a lot of the time the applications we need (should) run best natively on windows and no, WINE is not always a workable solution.
@@leftypitchforker6952 Most often than not, the Bitlocker screen will not proc less you do a major change like update the bios or switch your hardware out.
I don't know why you wouldn't just use bitlocker, it's better. Apple's encryption is really good if you're into that kind of thing, I'm definetly NOT, but I help people with their Macs.
Also, not once have I installed windows and been "forced" to sign into my microshaft account. Every install I've ever done, either for myself, or the hundreds of computers I've built, have ever had an ms account. Yes, it was annoying to find, and annoying to setup sometimes, but there's always been a way, and there always will be a way. Business users would have a fit if they couldn't connect their computer to a domain without an ms account.
Well as long as our own custom built computers don't have to use it(turn it on be default) then that's okay with me. I've had bit-locker screw up before on thumb drives which was a pain, never used it again, don't want it don't need it for what I do with my comp. Let us know Britec if that changes. Thanks.
Non-encrypted system will have much better response time. If your gaming rig is a desktop, BitLocker makes very little sense. Drive encryption only protects you if someone physically steals your computer/hard drive. If someone hacks into your system remotely while you are using it, they can see all of the data anyway.
Probably nothing. If you noticed it, it might be when you first load the game. If you have a crap SSD it might matter more, but if so, why do you have a crap SSD
I've got a 10 year old DELL Inspiron desktop computer. It's running windows 11 Pro installed by following one of the work arounds. It runs perfectly. But, it has no TPM chip. So I'm wondering how would that work then? I understood that Bit locker needs a TPM chip. I wonder if I've dodged a bullet here, at least until I have to replace the old desktop computer. I know it won't last forever. 🙄
Make sure to save that old Windows 11 install disk. Newer versions of Win11 Pro will not allow the workaround. Not sure if the future updates will even install on a system that does not meet the hardware requirements.
BitLocker does not require a TPM chip. Windows 10 and 11 need to be Pro or higher. You can use group policy editor to allow you to use it with a thumb drive, or hard drive password you type in before windows boots! If you were running a poor man's Windows 11 computer with Rufus and don't have TPM, and decided you wanted BitLocker, you could.
@@itstheweirdguy It's not that BitLocker requires TPM, it's that Windows 11 now requires a newer generation of processor than he is running in that old system. The newer processors have TPM functionality built into them known as fTPM/PTT.
Thanks, didn't even know that I had it running. I had heard of it but I thought it was something you had to install and pay for so never looked. Thankfully I have a NAS so I have copies of data there. I have only now copied my keys.
Makes my job easier. "You have bit locker?" "Well it was installed on the PC when I got it" "Do you have the key?" "The what?" "You know the big long number to decrypt it" "No" "Sorry can't do anything. This is my call out charge"
Unless you have an internet connected computer with you and do the honorable thing and help them to the recovery page on Microsoft so that they can get their key (if they can remember their MS account password and not just the PIN that they used on that system).
It's a problem for even just changing hardware in the system and not touching the drive. CPU, MoBo, or GPU and bam, the system is locked up. BitLocker needs to remain an end-user-activated thing ONLY, otherwise all MS is going to do is brick system after system and likely end up with a class-action lawsuit due to dmgs they incurred.
On a new PC (or old) whit Windows 11 i install whit no MS acount and no TPM 2.0 support enebled, i also do a debloat and turn of all telemetry...I wiil offcorse not use bitlocker....evryting can be bypassed...
I swear, it's like companies don't get what it means to ask for consent. Anyway, I plan to do a custom build. Is it going to be off on motherboards by default, are there any special settings I need to change, or is Linux good enough for gaming and native Blu-ray playback?
@@itstheweirdguy Fair point, but there's a funny thing about EULAs. Just because they state stuff, it doesn't make them legally binding. I'm not really convinced a court will side with Microsoft over holding your computer hostage for ransom.
If BitLocker has any kind of backdoor (and there's reason to suspect it does, being closed source), then it is only adding the illusion of security. Your point about data recovery is the main reason why it's risky to encrypt your entire drive. Totally reckless of Microsoft to do what they're doing. But then again, they don't care about their customers besides the money they spend.
That kinda explains why did Microsoft make TPM 2.0 a requirement to install Win11. It was for having BitLocker in all editions.
Colonel Klink: We have to stop Hogan doing another one of his escapes!
I don't think anyone thought otherwise
And also explain why it require Microsoft cloud account to save the encryption key...
@@fetr9666and the home version doesn't allow specific password at boot.
It's not hard to disable anyway, provided you are an Admin.
BitLocker is far more trouble than it's worth especially for users who only 'think' they know what they are doing.
Trouble? In what way?
I'll guess when bitlocker asks for the key and you don't have it. What was worse, many bitlocker W10 home version users found out that Microsoft didn't have it either.
This nis why i'm going to recommend my family and friends to turn it off just in case.
@@platterjockey why not recommend them *write down the key right now and keep it safe"?
@@Lofote Let's face it: most people, even if they do write down that long number, can lose it. C'mon! How many times have you written something down or printed it out, thought you put it in a safe place, then forgot where you put it? It happens. It's human nature.
Totally agree with you Brian. I have a fancy that this is going to cause problems for the normal "Home" user. If they don't understand any of this, they are at risk of losing data if something goes awry. Best to be OFF by default but encourage use, and set it up from scratch. There are going to be people that do not note the encryption key. It could all end in tears, as Microsoft instigates something at half-cock. Of course, if you lost everything, Microsoft's EULA will deny all responsibility.
Its going to cause major problems with people forgetting key
@@Britec09 You can turn it off in Regedit:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Bitlocker
New Dword 32-bit named "PreventDeviceEncryption"
Set data value to "1"
Click "OK"
Exit Regedt
{with acknowledgements to "Windows Latest", that you mentioned in your video.}
@@Britec09can the complete Ms bitlock drive be third party imaged so if the drive fails the owner has a fall back. I wouldn’t doubt someone at MS is making an update to stop the above regedit.
Sorry but I just want to clear up some confusion. My Windows 11 license has been inherited from a very old Windows 7 license through upgrade cycles.
I have had Pro editions of Windows before but as of right now my Windows 11 is "Home" edition, BitLocker is completely unavailable in this edition even in the classic Control Panel.
I figure most "Home" users would thankfully be using only the "Home" edition as well, meaning that they might not even have this feature. Same way I don't have access to the "Windows Sandbox".
Are they really turning this on for "Home" editions?
This feature is useful for people who move their PCs around a lot (laptops) and other mobile professionals, but those people are already aware and likely have a different work computer.
@@Britec09 I don't even know what my key is. I bought a pre-built pc brand new from a store....grr.
This is really bad news for professional data recovery companies that do high level recoveries for users.
Microsoft will be keeping a copy of the key. That's one reason they're forcing microsoft account creation.
@@quademasters249 On which account? as PC's can have multiple accounts. Do you see where the user confusion happens, they hunt for a key on their account that doesn't exist. Also people delete/change MS accounts, opps what key where?
Why? WIth the key at hand they have absolutely no trouble recovering.
@@Lofote It means MS and the government have access to your data. If you're fine with that then it's not a problem.
@@quademasters249 People are fine with it and THAT is the problem. I still remember (as a developer) back in 2000 when users would fall on you like a ton of bricks if your application did something on the Internet (even if it was perfectly legit). Now? Nobody cares.
We are being slowly boiled in hot water like the proverbial frog. This is obviously not going to end well - just wait until money becomes digital and the social credit system is introduced everywhere. 1984, anyone?
Thank you so much for the heads up. Another pain from Microsoft to have to deal with in their os.
I agree mate
@@Britec09 hi we need the britec tweak that u used in the video of the Perfect Windows 11 Setup
Will it be easy to turn off? Can't see gaming benefiting from this...
Now lets think about this. Jusst 6 months ago Microsoft said bit locker slows down ssd's by 40%. now why would anyone wanna a program that would do that to be running by default. If they didn't fix the issue then lots of users are fixing to get screwed.
What is one of the most common things people get told when their computer can't run software fast enough? Get a new computer. This means buying a new PC from their OEM of choice giving Microsoft another Windows sale and the OEM another sale on their stock of computers. Now will it solve the problem, no. But it will generate some sales.
It can potentially be improved to be less than 40% but ultimately it's an encryption/decryption process that is constantly running on the computer, so it's always going to be a slow down on the system. Personally this security measure is best used on drives that are used for storage, not the main drive for the OS. That Microsoft is shoving this into our throats is just bad, they think this is the future, but I still remember what they said about Windows 10, that it was going to be the last and ultimate OS. Now I hear that Windows 12 is coming, do they still believe their own bullshit?
It's easy enough to turn off, but the average user might not even know it's enabled or if they do how to turn it off. There-in lies the problem. The average user might be unaware until it's too late.
@@wildbill4496 I could only turn it off on my ROG ALLY, By using the command prompt. One of my friends got his OS corrupted on his ROG ALLY when He tried using a restore point, After it did it's thing he was prompted to use the bitlocker recovery key, He wasnt even aware that bitlocker was turned on by default. He had to resort to the ASUS cloud recovery service, Because windows refused to boot after typing in the key.
Bitlocker became mandatory due to the sensitive nature of collected personal data. Standard editions of Microsoft Windows 11 are clearly spyware pretending being an operating system. With so many personal data collected, preprocessed and compiled by Windows, Microsoft could be sued, if somebody steals your computer and abuses your data. While TPM 2.0 can mitigate this problem, only a harddisk encryption can circument it. Whoever wants less telemetry, has to pay a monthly fee of USD 31…35 (dependend on the volume licencing agreement). After the initial purchase, of course. This edition is termed Windows Enterprise and is neither sold as a retail version, nor as OEM-edition. Since Microsoft 365, we know, Microsoft will switch to a subscription model with Windows. This is the Economy 4.0. Why to own something, when you can get it by a monthly subscription fee?
I would say more that half of the PC users don't know what bitlocker is and have no idea where the key is located. Then add to that which user account it was created under, forget user password, issues with password recover/reset. This is guarenteed to lose more data than it will ever protect it from theft.
I sure the hell didn't it locked me out of my pc after I updated bios
This is why I started switching my PCs to Linux Mint, so much bloat, so many headaches, with Mint I can just install my games, and it boots up in 2 seconds.
What classifies a different computer? Does that mean if i swap the gpu to a different one i lose my drive? And or new cpu mb?
Your GPU is fine to swap, but the Bitlocker encryption uses your devices TPM module "usually it is an actual removable chip on the MB or built into the CPU also called fTPM". If you swap the MB/CPU you will most likely need that Bitlocker Key to recover the data, or preferably make sure the drive is not encrypted before making the switch. Idk how the forced Bitlocker thing will work on newer Windows PCs & I would de-crypt it immediately if you do not think you will be able to securely keep a copy of that key. Bitlocker is only on Windows 11 Pro? Somehow Pro has ads too... There is really hardly a difference between the two versions now... almost sounds like the pro version is worse? Linux has this option on some OS's for Free but of course I don't do it because I don't trust myself to keep that key stored some ware safe and not lose it.
@@arcadeportal32 so it’s only on windows pro? I thought it was going to be on windows home and pro
Another MS answer to a question NOBODY asked
@@fetr9666 grammatical error
That's what I thought. 😆
@@fetr9666 What hateful comment?
@@Unknown-sv9fm What hateful comment?
@@Unknown-sv9fm he might just be talking about Microsoft making a tonedeaf change to windows, and not bashing the video creator.
Yes, if you lose your key, you cannot access your data. I saw a video made by a computer technician and he recommended not logging in with a Microsoft account and not enabling BitLocker. It may not be for home users
Instead of freaking out and fearmongering all, why did the comp technician neglect to showcase the method of navigating to aka·ms/myrecoverykey, not to mention the ability to print out the key (to a file) and save to a USB?
@@Mario583a lol you shouldn't be logging in to windows with your account anyway, unless it's a work machine and you have no choice
The only reason for this is so at some point in the future Microsoft can start charging a subscription fee for the use of windows. Fail to pay your subscription fee and you're locked out of your own computer.
Going to give it a go withn Linux. A complete novice, but MS is a great motivator in this sense!
@@D.von.NLinux Mint is the easiest Linux for novices. Second easiest is Zorin.
microsofts own RANSOM WARE
Uh, they don't need encryption to do that. You're connecting dots which are unrelated.
@@GamesFromSpace using master encryption,... allows for not being detected like using our system as part of the entire worlds servers
Sigh… big brother knows better. 🤦🏻
So they think
@@Britec09 hi we need the britec tweak that u used in the video of the Perfect Windows 11 Setup
@@Britec09 An "Invasion of privacy" is more like it.
Definitely becoming an Orwellian system.. little by little. I'll bet most people don't even realize Microsoft is tracking everything you do on the computer by default.. even down to your search box entries. Imagine if they decided to start using all this information against people down the road?
Had many customers over the years who have no clue or no the key, very costly lessons for them, I hope MS back track on this just to save people having issues or not knowing what to do
Ain't gonna happen.
😲 I'm alright seeing the amount of frustrated 🤦🏻♂️ customers coming in the my repair shop with BitLocker issues.
I'll share this video with then.
Thanks for the heads up! Fortunately, my computer doesn't meet the requirements for Windows 11 (processor). I'll bear it in mind when I build my next machine and probably install Linux instead 🤣
w7 is not affected by this problem??
Microsoft and I have very different definitions of what personal computer means. My new machines are getting Linux installed. At least my windows machines have some great components to donate to my Linux boxes when Redmond crosses the line.
@RAM_845 Virt-Manger is easy to set up on Fedora, very easy to use too. Veronica Explains has a good starter video.
I've been using Linux Mint Cinnamon for a couple months and I love it. No headaches.. no mysterious changes to your OS in the middle of the night, no spying, no viruses... I have it customized perfectly to my liking. I have some Windows computers for my games, but I fired Windows 11. All my daily drivers are Linux powered. It's worth trying it out anyways.. and it costs zero dollars.
watching this on my Linux Mint mini PC....sipping Tea....with some danish cookies on the side...
i dual boot mint and windows (but to be fair i'm using mint MORE than 99% of the time), and i still can't sip tea. this will still affect me even though i dual boot windows 10. imagine helping people being fck'd by this. it's going to be hell
Linux mint🤢🤮
So, Linux Mint isn't secure by default?
@@dansanger5340 it doesn't encrypt your drive by default. It asks you what you would like to do. you can still have a password to get into the pc. and unless someone else is using Linux or know that you do. if they plug your drive into a window's machine, it will see it as nothing there and ask if you want to format the drive. As it uses a different file system to windows. So for me that is low level encryption that is good enough for me. Without the risk of loosing my data due to an encryption program like Bitlocker messing things up for you. I'm not carrying any state secrets.
using my custom win11 install on my mini pc sipping tea, coffee or whatever is in the cup at that time
mainly because it has auto hdr which linux does not, does linux even support hdr or you need 50 shamans to get it to work? lol
When i reinstall windows 11 Home now with 23H2, bitlocker is on by default now, first thing i do is turn it off, it's not needed on my system.
On home as well, wow. That is NOT good.
Coming up you won't be able to turn it off.
@@trainmaster0217, Somebody will find a way!
@@trainmaster0217 What???
@@Britec09 Yes, Windows 11 Home on my HP Omen encrypts the drive every time you restore it. But I always turn off the encryption once I get back in to Windows
I agree with Brain. This is already a problem. I work in a big box store and all systems are now bitlocked out of the box. I just had to decrypted a drive today and the customer never new that her drive was encrypted. It is and will continue to be a problem.
Can you make a video on how to use Bitlolocker?
Thank you
It's just an option you switch on, that encrypts your drive incase your computer is lost, stolen or compromised. If you lose your looong key then you're screwed.
Bitlocker also (same as any encryption application) slows down gaming performance.
Some gamers, who may keep a portable “Steam library” drive, may be affected less than other gamers, but this still hurts the majority of PC games if they use Windows 11 (which is the only OS that properly manages P+E core CPUs)
I read some benchmark's that there isn't actually any difference between W10 and W11 on p+e performance. It is only Microsoft marketing W11.
Bitlocker is good if you're fully responsible to where you backup your recovery keys. As long as you have them, bitlocker isn't much of a big issue.
Thanks for posting this!!!! I managed a number of Windows 11 systems so I'll keep this in mind, if I ever need to do a re-installation of Windows.
What's with Microsoft yes I understand them wanting to improve security but shouldn't the end user have the choice here also microsoft should really be informing the end user about Bitlocker and how to use it. A common error that was made because the end user really had no idea about what Bitlocker was they would store their keys on their systems and when things went wrong they couldn't access their data and neither could IT repair shops. Microsoft should give people the option on install to have Bitlocker or not this is another bad move forcing this on the end user.
@Britec09 Hi Brian. Just curious, with drive encryption, what happens when a sector is damaged somehow, can you still decrypt the hard drive? I'm a bit fuzzy on this encryption, if you encrypt a file and that get damaged, you lose it right? But what happens when the whole drive is encrypted?
Cheers mate.
back up your data, whether it's encrypted or not. if you googled it, it's not hard to figure out as far as bitlocker and having a few bad sectors....
@@itstheweirdguy Thanks for your reply, but, yes I back up my data all the time, I use syncback pro. But, the question i'm asking, is, If just 1 sector is damaged, are you able to log back into an encrypted drive. Have you had experience or are you just googling the answer?
@@Zendukai I clone hard drives and ssd's all the time, it really depends. I've never seen one single bad sector be a showstopper on a bitlocker volume or a non bitlocker volume. I've been able to decrypt those drives in windows and clone them. It's rarely just one sector by the time you notice though.
@@itstheweirdguy Thanks, I haven't had anything to do with encrypting a full hard drive, so as long as we can still decrypt a hard drive with errors, I feel a bit safer. I have been using a computer since windows 95 lol. The times that I encryted a file and an error was found, that file was lost to the universe, so encrpting a full drive I was thinking I would lose the lot.
Hi Brian, thanks for the video. I don't like that when reinstalling or clean installing, Windows 11 automatically starts encrypting the disks. I think it should be up to the user to decide whether they want BitLocker on or off. However, you can prevent Windows 11 from encrypting your disks during installation by modifying the installation image or tweaking the registry during installation. If you use Rufus when you do a clean install, it has a box where you can disable BitLocker automatic device encryption. Sure, BitLocker can be good to have turned on for better security, but it can also create problems, as you also mention in your video take care, Brian, and have a nice Thursday.
BitLocker should be optional not mandatory
It’s optional, just turned on by default.
disable tpm and secure boot in bios and make a custom win install, not a rocket science but i don't expect average joes and janes doing that or having 5 minutes away from their fb or insta posts to do basic research
@@r3tr0c0e3 cold…..🥶
@@r3tr0c0e3 even easier: just disable bitlocker 🙃
@@r3tr0c0e3 Disabling TPM and SecureBoot will keep you from even installing Windows 11 Pro.
Tell me again how bad Windows 7 is again?
I wish you would have included how to disable BitLocker
it's pretty straight forward, it's like a 2 or 3 step process. Type "bitlocker" into the start menu, click "Manage Bitlocker", go to the drive that it's enabled on, then select "Turn off Bitlocker"
@@NonLegitNation2 yes but then why just do not instruct ppl to it? What if it wiil not be possible to turn it off?
Just disabled it when you install 24h2, there's a reg entry that does it, that's what I done, maybe make a video on how to do it @Britec
This makes more sense for laptops than desktops. For laptops that get taken to/from the office/school/hotel/etc. this makes a lot of sense to have enabled and it's something I do on my Linux laptops.
On the desktop, now it's a debate to be had. Desktops don't move from place to place very often. At most they may move around a building from furniture arranging at home to changing locations in a building at work. However, the desktop is generally fixed in place. It's not as likely to be stolen as a laptop is (though the chances aren't zero).
My guess is, this gives people more reason to keep up with their cloud backups of their data (which Microsoft just happens to have OneDrive to handle that). As people get burned by losing their data when they get locked out of it (would not surprise me if a Windows update causes it at some point given their track record), people will be more likely to want to make sure they have a backup of their data and guess who has a built in option in Windows to do just that? Microsoft who is pushing AI onto people. The same AI that'll be integrated into OneDrive. Nobody knows what that means yet for their data privacy (Microsoft has NOT been clear on this so we honestly don't know), but you can see how one feature change can quickly tie into something else without a hole lot of thinking here.
This means people will need to do more to make sure they are backing up. I've mostly moved past the need to backup critical files with multiple access way to get to critical information I need.
Hi from Australia. I appreciate every video you do. Been watching for years. Yet another good bit of information. Thanks
I need Bitlocker about as much as I need one drive, or microsoft cloud service, which is not at all. If I'm forced to install it, I'll pull it out by its roots if I have to. A forty percent slowdown on my SSDs would be worse than going back to using HDDs.
I remember my dad's laptop had bit locker enabled by default by the manufacturer and the key got corrupted and took weeks of chasing up the manufacturer to get them to do something about it.
Not only that, if someone hacked your Microsoft account and change your password you pc will be locked, data lost. I've seen this before
@Britec09 *THANK YOU* for this heads-up!😁🥰👍
I have a new laptop running Win 11.
Turning BitLocker OFF (from its default ON-state) has *Thank Goodness!* the consequence that all the data is automagically DEcrypted. This is imho *not at all* an obvious consequence. One might (with Windoze) expect to be required to separately, manually opt for decryption.
Dunno how long the ENcryption takes, but DEcryption of 134 GB (144 GiB) on an SSD took over 2 hours with NO user-apps running. This is a guesstimate' the 1st 40% took about an hour, the rest happened during my nap of about 2.5 hours.
According to the Task Manager the SSD was being used 100%, the CPU ran at 23%, memory-use was around 5 GB. (Now, with only the Vivaldi browser running, CPU is at 2-3%.)
Another reason why I'm glad I'm on Windows 10 IoT LTSC and have no plans on changing OS ...
2035 support
I wish I can get it. How do you?
They could as well roll out an update for Win10 to include BitLocker too when they notice everyone going back to Win10.
@@powerpc6037They won't
Hate to tell you, but it has been part of Windows 10 Pro since at least 2020.
my friend's laptop was doomed after he installed the windows update, his important files were gone cuz microsoft automatically enables it and asking for the recovery key that he didn't set, he is using windows 11 home, basically it looks like a ransomware, we ended up reinstalling windows 11 to make his laptop usable again
and this was on the Win 11 Home version, even MS's website shows that the Home version does not come with bitlocker, interesting.
nice Microsoft...goodjob....Worst company ever.
What could possibly go wrong?
Is it April 1st already?
Nope 😂
Bitlocker on Windows Pro has been the default since Windows 10 v20H2, I believe (possibly even as far back is 1907). It was automatically enabled if you installed with a Microsoft account. Microsoft didn't even tell OEMs that this was happening. Worked tech support for a major PC vendor for 25 yrs up until 2023; this was one of MS's biggest headaches. It got to where, when I had to walk a customer through an OS reinstall, I asked them if they wanted BitLocker, and showed them how to disable it after the OS install completed and advised doing it before installing any drivers, updates, or apps, since the more data on the system, the longer it takes to decrypt the drive. So this is actually very old news.
Just as well I've paused my updates until 2032 than isn't it?
My friend had a PC that he wanted to have by the side of the TYV, so I installed 11, stupidly let it update and then he decided to change the old drive out to a new SSD, so I cloned it and then swapped it, set it to boot in the BIOS and there it was, a bitlocker key was needed. It was a hell of a job as we couldn't use that PC to go online to get it. Luckily he had decided to create an MS account during setup[ but we had to go to my house on my computer for him to log on and get the key, then we had to go back to his house and enter the ridiculously long key before his system would boot from the new drive. I immediately turned his bitlocker off and paused his updates until 2023.
Thanks for posting this!. I'm a normie home user in the midst of migrating to a new PC with 23H2 and no idea what BitLocker is. Will probably shut it down at least until I can learn how to use it.
Brian, thank you for your outstanding videos. I was recently forced to upgrade to Win11 Home on my laptop. At least Classic Start Menu solves a lot of useless GUI issues. In any case, with Win11 Home installed, I was thinking of upgrading it to Win11 Pro. Now, when 24H2 is rolled out, will BitLocker be activated on updating (Home or Pro). This isn't a new instillation, but update to and existing one. Also, in this update process, will I be able to disable BitLocker before it's installed? Thanks, Bill
I worked with Bitlocker since it's inception years ago. The performance hit was brutal on all computers. Even SSDs got seriously affected. Gaming machines will suffer. Not only that, some updates would force you to reapply the key which will be an issue. And at that time, no MS account was required.
This might sound like a stupid question, is this only regarding the C drive or all drives plugged into the computer?
Not sure right now
I used a corporate WIn10 machine that had bitlocker enabled and it would insist that any flash drive plugged into it needed to be encrypted to use.
@@IP65-xu8xr Thanks for that, I'm gonna keep telling myself its that way cos its a corporate machine. 😭 🤣
More reasons why people should move to linux. What are MS thinking with this
Because they're implementing a proven security measure?
@@Richo5566the problem is they are forcing bitlocker without notifying anyone, which cause problem for normal user
nice video been waiting on news about this great video thanks for sharing...!
You're welcome
Thanks, Jim for the Video and Heads Up we really do Appreciate it!
Brian if you have multiple drives on your PC do you have a different key for each drive or do you use the same key for each drive?
It is not only users that forget the BitLocker code. The computer itself might not recognize it. And does even say that the saved file is invalid. What then?
Or your Windows crashes, and you could under normally conditions hang the drive in a second system and save the documents (because not everybody is strong in backups.)
That will be a big issue in the future. But help is on the way. Put all your documents in the cloud (or nas). And by accident, Microsoft sells cloud storage. It only makes them stronger.
You're supposed to backup and if you don't it's your own fault. People like to blame giant companies for their own laziness
It's great that they will allow it to be used in the home version. But damn, nothing I do on all of my PCs but one, is not important enough to need encryption. It should be simple for them to prompt the user during installation to keep bitlocker enabled or disable it and explain the risks of each. I tried explaining bitlocker and encryption keys to my elderly mom and honestly, she thinks a key like a car key will have to be used to turn on the PC.
If they just gave encyrption as an option during the install, that would be fine. The problem is they won't do that.
we are going to encrypt your drive by default ,You need to sign in with your Microsoft account to get the key .Sounds like ransomware to me .
Next step: Stealthily migrate the decryption key to the cloud and paywall it like they did with people's user folders using OneDrive and Storage Sense.
It's a mightmare. I think about the people that only work with the computer... with basic knowledge. If you finish in the "limbo" with C: encrypted e no Microsoft account, I have no idea... Windows it's like a ransomware.
What happens if you have a failing drive and clone the old drive to new.? Sounds like Windows solving a problem only to make new ones.
I have been using bitlocker since the beginning of windows 10 and I still use it in 11. I do not see any performance issues and many cloning programs understand bitlocker and have options to read its data from the recovery environment
Microsoft already did it with "Device Encryption" (Stripped down Bitlocker for Home edition). Lots of laptops sold are with "Device Encryption" turn on by default. Most of the users don't even know such a feature exist!.
Yep; they rolled this out with the initial version of Windows 11 Home.
My company failed to inform people in advance about Bitlocker and now some admins of critical infrastructure are locked out of their PC.
As far as I understood they turned off there notebooks while the encryption was still running.
Enabling is dependent on both UEFI config support and multiple hardware support requirements. I have a current model ASUS W/Station board running a 14900 CPU and msinfo32.exe reports that it is NOT compliant with automatic device encryption, due to a number of hardware related factors. In other words, it will depend on the hardware MFGs to provide support for this.
Well that is my issue with it. I have workstations come into the shop all the time with bitlocker turned on but the person no longer has the key or access to the account they installed it with. If the system is not bootable I have no way of getting their data off of it. I think the risk of losing data to a non booting system is higher than the risk of losing your laptop and someone stealing something vital. And if you have a crypto wallet stored on it either of those things happening is the same outcome.
Thanks for the video and heads up, keep up the good work. 👍
Thanks, will do!
Thanks for the heads-up Brian
Hey man, any chance you do a series on linux? ive tried watching other people explanations and demonstrations but you always seem to explain things in a much better way
easy, don't touch it, it is useless, all the best software is windows only anyway.
my hp envy x360 laptop is already bitlocker encrypted from the factory so to reset it if needed it asks for the full bitlocker key code
I think most people are more worried about losing their photos, music, documents, videos etc. USB and SSD drives lose their data if left unused after a few months, with HDD's a bit longer. The Key appears to be 32 digits long, so write it down, or print it out.
Between this sort of thing and the XBox division seemingly imploding, I'm really hoping to see MS booted down quite a few rungs on the monpoly ladder. I fckin love to see it.
I had BDE enabled on my ThinkPad even with fresh install windows 11 22H2. Dunno if it required a SED NVMe. It is synced to msft account which was added to sync office key activation. Didn't see any loss in performance on Toshiba BG5 with ThinkPad L14G3 AMD
BitLocker is fine...ignore the naysayers. TH-cam is for the views, it's entertainment.
@@itstheweirdguy isn't that misinformation which can make huge percentages of data accessible to anyone with physical access? I have incompatible hardware with w11 and it is very slow with VBS hardware compared to shiny new PC bought few months ago
Does bitlocker encrypt all your drives or just your system drive??
All drives on the computer.
@@dragonmaster1500 Thanks
This all seemed scary until I had a look at encryption settings and found a switch to switch encrypting off, which then reverses the process, and you are back to normal. So it's just a matter of making sure you make a note of any key, if this is forced on you, and then just undoing the encryption. If you need to encrypt any disk, just right click on it and choose the option. None of my Windows machines have any encryption forced on them, and one was only installed from new with an oem digital key last week.
Assuming that there will be a switch to turn it off again
I did a fresh install of windows 11 home and it was turned on. I didn't use a microsoft account so would have been locked out if I had a failure. Thanks to you it was an easy toggle off and wait a few minutes. I also noticed a find your recovery key that takes you to microsoft button, where a video tells you where to look and if you can't find it format your device. Not Good
I'm not very tech savvy I just play games and make music. I don't want bitlocker on my PC. If I update to this will it prompt me to save my key or will it just stealthily enable bitlocker?
It is time to migrate backups to external data storage where you can control your own encryption (if you know what you are doing)
And I do not mean onedrive. If ms forces it on I migrate to linux.
ps. bitlocker also slows down ssd's to a crawl, still faster than a hardrive but nowhere nvme speed.
Gonna grab my popcorn and beer...
I watch from the Linux cheap seats. Can I just grab some of your popcorn? This clowncar of a megacorp going downhill is pure entertainment. I wouldn't trade our front seat for all the opera in the world. Nice beer. There it is! The clowncar! It's going past now. What? It's come to a halt. Bitlocker has seized up the engine! Oh no! But more popcorn! Yeah yeah! That's entertainment. Does Sammy Davis Jr tap dance.
Why must MS enable all settings by default? Why not let the use choose? Ok, not all users care or even know there are settings to change. But the average MS user isn't stupid. I just always found it annoying they turn everything on.
If it will come by default, how do you disable it when you buy a computer and it came with it?
ah microsoft, heads up from people's concerns, for my opinion, tell them whether to turn on bitlocker during installs, rather than forcing them which causes billion users that use windows potentially broke their data
Lots of people have lost data
If you install PopOS linux it asks you if you want to encrypt the drive. Switched on my laptop KDE Kubuntu from Win11. So far it has been good for me.
Finally hackers won't be able to get thousands of cat memes grandma collected over years.
Drive encryption doesn't protect against hackers.
"Secure by default" is sort of the mantra in security circles these days. As you said, most users probably think that enabling a login password on their Windows laptop means that their data is safe if their laptop is stolen. While this change might cause a lot of heartache for people who don't follow Microsoft recommendations on saving their Bitlocker key, it might also prevent a lot of heartache for people who get their laptop stolen.
Isn't Microsoft benevolent? Turning peoples false sense of security into true security. I try to do that for people at work, it is possible.
They are migrating to a subscription model. How are they going to lock you out of your own files if your files aren't encrypted in case you stop to pay? If you want something open you should use Linux.
Yesterday I launched a Live USB with Zorin OS, then restarted the PC and turns out BitLocker was activated.
I never activated BitLocker. They arent just forcing new installs to have bitlocker, my notebook is NOT a new install, and bitlocker got activated anyways.
Thankfully, six months ago, when I first powered on the notebook I put my microsoft account as soon as the notebook told me. But no Bitlocker setting showed up.
They are lying, they aren't just forcing it on new installs. They are also activating it on some old installs even though you were never asked.
Dare I say... RANSOMWARE?! From MICROSOFT???!!! 😱
Boy, if this doesn't cause people to jump ship for Linux, I don't know what will.
Not everyone can
@@Britec09 I get it. Some Windows software just won't run in Linux no matter WHAT you do.
I use Linux mint on my laptop. its only use as a daily driver for web browsing, e-mail , word processing and you tube, also use it as a Linux plex server works well. x cant jump ship as lots of software i use wont run in Linux. still using win 10 pro on my desktop with bit locker off.
@@gerydblackmore5484 And yeah, I get that. Wine, the Windows compatibility layer, keeps making leaps and bounds all the time, but there's just some proprietary Microsoft sorcery that just can't be recreated no matter how hard open-source developers try, plus the fact that it's locked behind copyright laws and B.S. like that.
i mean Linux isn't any better. if you forget your account password on Linux you are still screwed.
Microsoft is pushing itself and its products more and more onto the do-not-use list!
Disabling bitlocker is easy. All you do is go into settings, privacy & security, encryption and turn it off and answer yes or OK and wait. Easy. Tested in the latest 24H2. It is not hard to disable. Never has been.
lots of things are easy to disable at first but MS keeps making it harder to do so in future updates.
The real lesson people need to learn is "Back Up Your Data". Whether it's bit-locker , a failed drive, a virus, stolen device or whatever the reason, data loss is data loss. If the data is important to you then back it up.
right
So what you’re saying is to backup your data in case Microsoft causes you to lose it.
The lesson YOU need to learn is that many of us are sick of MS's 'We know best for you' decisions being forced upon us when a lot of the time the applications we need (should) run best natively on windows and no, WINE is not always a workable solution.
@@leftypitchforker6952No he's saying to do that regardless because you never know what could happen
@@leftypitchforker6952 Most often than not, the Bitlocker screen will not proc less you do a major change like update the bios or switch your hardware out.
Some people (including me) already have HDD encryption but with VeraCrypt. How are we affected?
very interesting question
This is only effecting New Computers and new installs of Windows. But you may be prompted and nagged to use the Bitlocker.
I don't know why you wouldn't just use bitlocker, it's better. Apple's encryption is really good if you're into that kind of thing, I'm definetly NOT, but I help people with their Macs.
@@itstheweirdguy Veracrypt is best for external drives, like that you can move them across MAC Windows and Linux. You can't do that with Shitlocker.
5:38 shouldn't be an issue, the key is backuped in the Microsoft cloud.
Also, not once have I installed windows and been "forced" to sign into my microshaft account. Every install I've ever done, either for myself, or the hundreds of computers I've built, have ever had an ms account. Yes, it was annoying to find, and annoying to setup sometimes, but there's always been a way, and there always will be a way. Business users would have a fit if they couldn't connect their computer to a domain without an ms account.
Well as long as our own custom built computers don't have to use it(turn it on be default) then that's okay with me. I've had bit-locker screw up before on thumb drives which was a pain, never used it again, don't want it don't need it for what I do with my comp. Let us know Britec if that changes. Thanks.
What will be the difference between an encrypted system and a non-encrypted system when playing a game?
Non-encrypted system will have much better response time. If your gaming rig is a desktop, BitLocker makes very little sense. Drive encryption only protects you if someone physically steals your computer/hard drive. If someone hacks into your system remotely while you are using it, they can see all of the data anyway.
@@anthonygage1227 Thanks, i think it will have worst response times with an encrypted hard drive, makes sense.
Probably nothing. If you noticed it, it might be when you first load the game. If you have a crap SSD it might matter more, but if so, why do you have a crap SSD
I've got a 10 year old DELL Inspiron desktop computer. It's running windows 11 Pro installed by following one of the work arounds. It runs perfectly. But, it has no TPM chip. So I'm wondering how would that work then? I understood that Bit locker needs a TPM chip. I wonder if I've dodged a bullet here, at least until I have to replace the old desktop computer. I know it won't last forever. 🙄
Make sure to save that old Windows 11 install disk. Newer versions of Win11 Pro will not allow the workaround. Not sure if the future updates will even install on a system that does not meet the hardware requirements.
@@anthonygage1227 Everything still works. What doesn't work anymore?
BitLocker does not require a TPM chip. Windows 10 and 11 need to be Pro or higher. You can use group policy editor to allow you to use it with a thumb drive, or hard drive password you type in before windows boots! If you were running a poor man's Windows 11 computer with Rufus and don't have TPM, and decided you wanted BitLocker, you could.
@@anthonygage1227 I will, thank you.👍
@@itstheweirdguy It's not that BitLocker requires TPM, it's that Windows 11 now requires a newer generation of processor than he is running in that old system. The newer processors have TPM functionality built into them known as fTPM/PTT.
Thanks, didn't even know that I had it running. I had heard of it but I thought it was something you had to install and pay for so never looked. Thankfully I have a NAS so I have copies of data there. I have only now copied my keys.
Makes my job easier.
"You have bit locker?"
"Well it was installed on the PC when I got it"
"Do you have the key?"
"The what?"
"You know the big long number to decrypt it"
"No"
"Sorry can't do anything. This is my call out charge"
Unless you have an internet connected computer with you and do the honorable thing and help them to the recovery page on Microsoft so that they can get their key (if they can remember their MS account password and not just the PIN that they used on that system).
I have a question. Does BitLocker cause more reads and writes the normal usage does in addition to slowing down the system?
It's a problem for even just changing hardware in the system and not touching the drive. CPU, MoBo, or GPU and bam, the system is locked up. BitLocker needs to remain an end-user-activated thing ONLY, otherwise all MS is going to do is brick system after system and likely end up with a class-action lawsuit due to dmgs they incurred.
This will be FUN as someone who has “rescued” data from many old PCs for people, now having to tell them that their data is unrecoverable… YAY!!
On a new PC (or old) whit Windows 11 i install whit no MS acount and no TPM 2.0 support enebled, i also do a debloat and turn of all telemetry...I wiil offcorse not use bitlocker....evryting can be bypassed...
I swear, it's like companies don't get what it means to ask for consent. Anyway, I plan to do a custom build. Is it going to be off on motherboards by default, are there any special settings I need to change, or is Linux good enough for gaming and native Blu-ray playback?
Actually they do, they make this long document called a EULA that you agree to before using it.
@@itstheweirdguy Fair point, but there's a funny thing about EULAs. Just because they state stuff, it doesn't make them legally binding. I'm not really convinced a court will side with Microsoft over holding your computer hostage for ransom.
If BitLocker has any kind of backdoor (and there's reason to suspect it does, being closed source), then it is only adding the illusion of security. Your point about data recovery is the main reason why it's risky to encrypt your entire drive. Totally reckless of Microsoft to do what they're doing. But then again, they don't care about their customers besides the money they spend.