Windows 11 will be encrypted by default. Enhanced security with 24H2.

Microsoft is about to take a significant step in data security. The Windows 11 operating system will be encrypted by default for all new installations and system resets, whether it's the Windows 11 Pro or Home version.

Looking back, with the release of Windows 11, many users were surprised to find they couldn't install the operating system if their computer hardware configuration didn't support TPM 2.0. TPM 2.0 features include storing and managing encryption keys, generating cryptographic keys, encrypting and decrypting data, and securing the system boot process.

The Windows 11 24H2 update, set to be released, will automatically enable computer encryption for all new installations and system resets, regardless of whether the user has Windows 11 Pro or Windows 11 Home installed. This change, encrypting Windows 11 by default, is already present in the testing and preview versions of Windows 11. Microsoft says this policy aims to increase device encryption adoption and, consequently, user data security.

The new feature by which Windows 11 will be encrypted

The new feature relies on BitLocker technology to encrypt system drives and protect data. BitLocker has been a feature since Windows 10 (1511), but it's currently used by very few users.

An essential aspect to consider is the need to make a backup copy of the BitLocker recovery key. Losing this key could lead to losing access to the entire PC, with few recovery options.

Windows 11 will be encrypted by default. Enhanced security with 24H2.
Windows 11 will be encrypted by default. Enhanced security with 24H2.

Related: How to recover BitLocker password and BitLocker encrypted partitions

The good news is that the Windows 11 24H2 update won't automatically encrypt PCs. This change, encrypting Windows 11 by default, applies only to new installations, leaving existing PCs as they are. However, there are concerns about how users will manage the recovery key or if they'll lose access to their Microsoft account, as both situations could lead to losing access to the encrypted PC.

How to disable Windows 11 encryption during installation

This new security feature in Windows 11 24H2 will be a significant issue for users who want to disable automatic encryption during Windows 11 installation. Users will need to make changes in the registry during installation to prevent device encryption.

Another method involves using tools like Rufus to create Windows 11 installation media that bypass system requirements and disable BitLocker. This way, Windows 11 encryption can be disabled during installation.

However, it's not recommended for users to make these changes unless their PC is genuinely too old to handle encryption without a significant performance drop. Encryption is a highly effective security measure for protecting data and PC integrity against unauthorized access. Forgetting the data encryption key can become a major issue.

Passionate about technology, I enjoy writing on StealthSettings.com since 2006. I have a rich experience in operating systems: macOS, Windows, and Linux, as well as in programming languages and blogging platforms (WordPress) and for online stores (WooCommerce, Magento, PrestaShop).

How to » Windows 11 » Windows 11 will be encrypted by default. Enhanced security with 24H2.
Leave a Comment