Don't expect it to get any better. Microsoft continues to slowly tighten Windows down into a closed system, to be like MacOS someday. Already took the jump to Linux last year, myself, and have never been happier. There is a learning curve, it's not as easy as just installing, and you feel at home. However, it's well worth the effort to dump Microsoft for good. 🍻
@@datriaxsondor590 Worse. At least with Mac OS (even if you hate it) you can bypass, the enrollment, the disk encryption with a simple clic, and there is no advertisement in your search bar. M$ is getting completely crazy.
I used Bitlocker in the past, but I had a nightmare experience, I had to look for the key it took me a month to find it and recover all of my fiiles so the very first thing I disable is Bitlocker, I wasn't aware you could disable it during installation very good to know, I have 24H2 installed but Bitlocker was disabled for me, maybe because I stopped using it, I have the key just in case, thanks Brian good information like this is priceless, so thank you.
@@Lofote what is more likely. Your laptop gets stolen or four years later it won’t boot and you can’t find a piece of paper with the key and can’t access an account you never used except to set up windows? I see this all the time in our shop. It isn’t people like us that are the problem. It is the accountant at a manufacturing plant or the insurance salesman. You could also argue that if they were backing up their files it wouldn’t matter either. This year I had one laptop that came into the shop where the person had a one drive backup. One. We see what can go wrong and take steps to reduce risk. Most people don’t. And the thing is it is those people that keep me in a job. But if I can’t help because of a safety feature that actually puts them at higher risk of losing data than getting their laptop stolen then we both are hurt by this security feature.
You can enable or disable this bitlocker, but you should never forget to backup. That's the only way to get access to your data if something will go horribly wrong
they have an os monopoly among the general userbase so they can literally afford not to care. even microsoft doesn't use their own os in-house, they also use linux. they know.
Why are advanced features like this being pushed on the every day user ? It's a massive headache for people have no interest in encryption and the one who do want it know how to enable it. Windows becomes more anti consumer by each and every new version. Simple features hiden away but pointless menu's you need to navigate for no reason, APPS you need to turn off slash remove , ADDS in your start menu and now this latests non sense. Great stuff Microsoft keep on going this way.
Brian I really appreciate these step by step instructions, as somebody who can't even remember what I had for breakfast on some days, I will not remember my BitLocker encryption KEY and where I SAVED it! Do not tell me that this is not about Government controlling us, otherwise it would be "optional" and NOT "MANDITORY!
Like many, I keep all personal data off system drive entirely, and with multiple backups, so from that perspective BitLocker isn't an issue, as I can reformat / reinstall windows on a whim. The real problem is the performance impact, which is significant.
I believe that encryption was created precisely to protect personal data. Why on earth would you want to encrypt an OS? The overhead would slow your performance for no reason.
@@billd9667 the reason is to slow down the hardware to get people to upgrade, it is the something that has been going on a long time, more E waste and more control for them
Most excellent video - hate Bitlocker; - a) slows things down and overhead b) had issues with Bitlocker and intermitten Hard Disk fail issues c) Hate MS dictating to us what we want / do on their bloatware systems. D) Not so good transferring Data Drives from one Computer to another - in upgrade / replacement; imagine that you need to decrypt on Machine X, then put into Machine Y and then re-encrypt using a new Key unique to Machine Y.
Hi Brian, very, very good video. I don't like that BitLocker turns on automatically. It will create many problems for many users if they can't get their encryption key or if something goes wrong. However, you can also turn off BitLocker when you do a clean install of Windows after you've created a bootable USB flash drive with Rufus. So, personally, I will turn off BitLocker when I do a clean install of Windows next time. I save my data offline and on many different drives, like NAS, external drives, and elsewhere. Take care, Brian, and have a nice evening.
I am so sick of this forced compliance mandates by the likes of Microsoft and others I will just refuse to buy the products on principle despite inconvenience to myself. Where is that Linux distribution I like? If I need Microsoft Windows, it will be contained in a virtual machine jail! Microsoft, You brought this upon yourself and I hope multitudes more have the same idea.
Thanks for the video it caused errors on some PC's and laptop with some small partitions, can't remember the error code but bit locker was switched on and filling up the partitions
I'm glad I switched to Linux a few years ago. I think you can use LUKS2 with Windows if you encrypt the drive using LUKS2 then install on that, worth a go?
Thank you! You're the best, king! Can I upgrade to 24H2 now when I did all of this? Or is this something that I have to do during the upgrade/installation process?
Good tip, as simple as editing a DWORD. My 1st worry, beyond the encryption key management, would be the performance impact on the r/w speeds of the encryption process, I don't buy fast NVMe drives for the leisure of wasting their performances because of a feature that I basically don't need at all and bottlenecked by the TPM 2 module, on a gaming PC (what windows is only good for, to me, everything else, from light client to server, firewall, advanced routing, virtualization, any everyday tasks to any super dedicated system/network tasks, can be achieved with a linux install, from out of the box common desktop PC to super dedicated machines from $200 routers to $10k servers). Remove gaming and printers management from windows, and it's left with absolutely nothing, that's the only two last things in which linux really has to improve in term of support.
This is helpful. I do use bitlocker but only for an external hard drive that has sensitive data. Neither my desktop nor my laptop PCs have Bitlocker on the drives running the OS or programmes but I need the password to get at the sensitive data. The external HD is also partitioned and only the partition with the sensitive data has bitlocker on it. People might find a video showing how to set up such an arrangement useful.
I just added all of you suggestions to my Win11 23H2. Will these changes in 23H2 work when upgrading to 24H2 thru Windows Update? Thanks for all you have done for this community.
And what happens if MS decides to delete your email account bye bye everything it happened to me lost emails one drive evem all my xbox digital games everything gone delete by MS had to start over i do not trust MS EVER AGAIN
Does Bitlocker encrypt the "C" drive only? Or does it also do the same to any other drive installed on the system? What about removable drives once they are plugged in?
Britec I need you and others to quit being so plain Jane windows 11 as in windows 10 has 2 verities Home or Pro some Tec people think there the same but setting are not. Nice show I'm a subscriber of your channel !
People setting up Windows on laptops that will be storing sensitive personal information might want to consider just leaving Bitlocker enabled and making sure they store their recovery keys in a safe place.
So,does this enforced Bitlocker setting occur if we take the latest advice of how to bypass an M$ Account & just do a local one?🤔 Given the extra cost of Pro vs Home,one hopes a future Rufus update helps us less technically savvy users! 🤞
If you install 11 using a Microsoft Account, then create a new local Admin and delete the Microsoft Account, the drive is ENCRYPTED, and remains Encrypted even after the deletion of the Microsoft account..
For clarity, this does not happen during the 24H2 update, only if you are doing a fresh install. So, better hit up Microsoft and get that 23H2 or 22H2 for that fresh install.
We get a lot of PCs in the shop with bitlocker turned on and the client has forgotten the account they used and didn’t save the key. Not much we can do to recover that.
Encryption also adds latency and affects the overall performance of your system. Why would I want to encrypt my system drive? No, I don't. Now I might consider encrypting a data drive that I set aside for important information. That much I would consider.
One thing Microsoft are ignoring is that in a corporate environment having bit locker on stops you being able to update your pc bios with security patches
I'm amazed at how many people think turning this off is a good idea when they have no idea what Bitlocker's purpose it. If your machine gets stolen or lost, your files will not be accessible. Why would you want to turn this off? Let MS keep your key and you won't have any issues.
ok --- if you say so. You can, and will, run into major problems. Guaranteed. Oh, and the bad guys ALREADY KNOW how to defeat bitlocker. Your drives will suddenly stop working, and you will be unable to even get your key from Microsoft. Backup everything early and often
Your Bitlocker key is attached to your microsoft account: 1. Which you can't access, because your system drive is down 2. Which you can't fix, because it's encrypted 3. To fix it, you need it unencrypted 4. Which to do so, you need the key attached to your MS account. Goto 1.
Like some have already asked , will Bitlocker be turned on by just updating to 24H2 or does it only turn on if you do a fresh install of Windows 11 or reformat ?
Ok Brian thanks for the heads up. Now I am just wondering if this is going to happen if my 23H2 version gets changed to the 24H2 via an update from Microsoft. If so should I go ahead and make these BitLocker changes right now to head it off at the pass?? The only other option that occurs to me is simply not to install 24H2 if that is possible?? Further to this Brian, I found an article that says one can change the BitLocker settings so that one can use a PIN instead of the key is that correct??
Microsoft has already calculated the small number of users (like myself) they'll lose as they tighten the screws on this operating system. It will be interesting to see what changes they continually make that will cause some people to finally throw in the towel.
yep, self-made home server from old MacBook running ubuntu and attached usb HDD ) no encryption, just password protection to access the folders via samba sharing for backups cost-effective solution 👍
backup is a universal way to preserve your data. It's also an effective way to counteract unauthorized encryption. If that happens, you need to clean your system, sometimes reinstall it, and restore your data. Some most recent files might be lost, this depends on how regular is your backup, and how quickly you recognize that your data are encrypted. Whatever your post above is, encryption is good anyway cause it addresses not only malware, but also hardware failure, your own mistake like accidental file deletion and so on. It's essential that these backups should be located on non-local disk, which are not controlled directly by windows. Example is like I described earlier, samba server run by other PC
It is not beyond the limits of an IQ in double figures the idea of making a choice during installation (with default OFF): "Do you want BITLOCKER to secure your disk? WARNING: it can create insurmountable problems if you don't know what it means and if you don't know how to save the key in a safe place." Unfortunately, intelligence at Microsoft is becoming a rare commodity.
This Laptop originally came with 22H2, then upgraded to 23H2. I created the registry, and made the other options you talked about, but searching for BitLocker turned up nothing, though the main BitLocker key was in the Registry. So my question is, are my files encrypted or not before these changes; or will these changes reverse these files back to UN-encryted? Since these LT is only 2 years old, I don't recall seeing a screen that mentioned BitLocker!
Bit Locker is in W10 pro but turned off on my PC. How long will it be before they block the turning off of bit locker on PC's like W11? Only time will tell. Is this going to be the turning point where more people ditch Microscam and go to Linux or Apple PC's? Won't Microscam enable bit locker again when they do an update to the system?
My latest laptop came with Windows 11 22H@ preinstalled along with Bitlocker enabled. Yeah, that means I had to also download 23H2 through Windows Update, but that's not the point here. It also came with Bitlocker enabled by default as well. I think I actually disabled it from within Windows, not during installation.
I'm no fan of encyrpting hard drives, and I'm a Linux user. I once encrypted a drive using some linux app, I VeraCrypt. What I didn't know, was the drive could only be decrpted using the same Operating System that had encrypted it. So if one used another Linux machine to decrypt, it wouldn't be able to.
One has to wonder what the thought process is behind forcing rather than asking. MS is no different than an abusive parent, spouse, etc. It's mental illness!
The thought process is a principle called "secure by default." The idea is that most average users don't understand the security implications of choosing ease of use over security, so the system should choose the secure choice for them by default and let advanced users change it back afterwards if they want to.
@@dansanger5340 Kinda like forcing a MS account to install Windows, forcing Edge, tons of telemetry by default and, coming soon to a Windows PC near you, Copilot!!! Encryption has always been available to those that want it and there was a CHOICE to use it or not. This is not a security issue; it's all about control. The average user doesn't need forced "protection".
@@vulcan6940 Of course encryption is a security issue. If your laptop is lost or stolen, and the drive is not encrypted, it's trivial to read your data. That's not obvious to a lot of average users because they think their login password protects their data.
so if they role out the 24H2 update.. do I have a choice to deactivate or do I have to wipe first before installing the windows again? or is there even a way to deactive it still I the reg editor after installation? I am on 23H2 rn and just downloaded KB5039302
I recently bought my mom a Beelink mini PC. Once it arrives, if I have her leave the password field blank for the initial setup, will this bypass this "feature"? Typically, when I get a new PC, I almost always leave the password field blank to make the initial setup easier.
Sorry for the off topic, do you know if " Process Forensics " can detect what is causing (out of the blue SUDDEN) 100% disk spikes and a quick slow down to freeze of the pc. If it can, any chance you could do a vid on this please? Going of the the amount of comments i've read on this (100% disk) and the amount of years this as been going on for people, i do believe i speak for a lot of people that would like the answer to this, and like many others, i have tried this and i have tried that, but some of the other things i don't want to try until i know it will fix it for sure (i do believe Microsoft know what is causing this prob = which will mean they or the cause of the prob, being there is no easy fix i can find).
will this solve the issue for those bitlocked enabled drive already?coz if its bitlocked enabled already and need to re-install windows i can't access drive C anymore
I just had to deal with a force bitlock hard drive. My fathers Laptop. Was there without his knowledge. We got stuck in a bitlocker loop, and no matter what I researched I couldn't get it out of it. Lucky for him he had nothing important on it, all the important stuff is saved on a separate hard drive and on his main desktop. If I want to encrypt the hard drive, I'll decide whether I turn it on or off. It does seem like force ransomware as it forces you to make a Microsoft account.
Are MS adding this to Home Editions as well or just on the Pro & above?? My customers forget passwords & pin numbers, so no chance of remembering where they saved the recovery key (or even if they have one) lol.
all aditions, they are making this standard across the board because most people are on smartpones and tablets and laptops, the desktop community is actually tiny =)
Thank you. I sell secondhand computers. I just checked a Windows 11 Pro install from yesterday. There is NO Microsoft account on the Laptop, only local account as the MS account had been deleted during the setup process. ------- BITLOCKER was ON and the Drive was encrypted. Hells Bells, If I sold the computer like that; local account only and Drive Encrypted there is no way to recover the key.
But what if I wanna use bitlocker on the second partition of the main drive or on a usb? If I disable it then I can’t use it anymore? So if I want bitlocker then it will gonna lock even my c drive, or the alternative is disabling it completely not being able to use it anymore? That’s ridiculous
at about 6:28 you mention if you have win 11 pro or above then you can just go into group and disable it, does that mean everything you just talked about previously in this video was for home or any other install less than the pro version? A little confusing....
Microsoft is messing with everyone by forcing BitLocker on everyone. A serious issue will definitely occur if you forget to back up your encryption keys before upgrading your motherboard BIOS. If you really forget to back it up, you, the sole owner of your hardware, will become the one against whom BitLocker guards your data after a successful upgrade of the BIOS.
Obviously, the default install will be to use a Microsoft Account, and store the BitLocker key there, to avoid it being lost, so Microsoft is basically targeting the installation at the lowest level of IT expertise. I think it a bit disingenuous to suggest the problem with bitlocker is losing the key, while trying to create ways to avoid the default options for saving the key.
Like most others I am tired of Microsoft "thinking" what's best for us, I really don't know how to get the message to them other than abandon their system. Problem is they have the vast monopoly and will probably never listen to any end user. With anything like this there should be an option to say yes or no, for most users they won't even know, this WILL result in data loss later !!!
🙂 guys I have a warning for all of you, If your using passwords to login to windows AND / OR you are using Bitlocker, which uses KEYS be aware that information is copied over to the bios of your motherboard, so please be aware if you update your bios and you corrupt your bios and the next time you boot your PC you get a warning about TPM you are basically SOL
Thankyou. I'm getting more and more fed up with how pushy and limiting MS are getting.
Glad to help
Don't expect it to get any better. Microsoft continues to slowly tighten Windows down into a closed system, to be like MacOS someday.
Already took the jump to Linux last year, myself, and have never been happier. There is a learning curve, it's not as easy as just installing, and you feel at home. However, it's well worth the effort to dump Microsoft for good. 🍻
@datriaxsondor590
Yes, it seems it is just getting even more closed than before...
@@datriaxsondor590 Ubuntu is a good starting point, despite the limited spyware from Canonical in the UK. What distro would you recommend?
@@datriaxsondor590 Worse. At least with Mac OS (even if you hate it) you can bypass, the enrollment, the disk encryption with a simple clic, and there is no advertisement in your search bar. M$ is getting completely crazy.
I used Bitlocker in the past, but I had a nightmare experience, I had to look for the key it took me a month to find it and recover all of my fiiles so the very first thing I disable is Bitlocker, I wasn't aware you could disable it during installation very good to know, I have 24H2 installed but Bitlocker was disabled for me, maybe because I stopped using it, I have the key just in case, thanks Brian good information like this is priceless, so thank you.
Thanks Paul
🙂 dont feel bad, your not alone, most people dont make backups wether its the cloud or a local hard drive, most people are SHEEP 😅
@@MrSamadolfo Yes, sometimes you have to make that mistake to learn from it.
But why didnt you learn from it and keep the key simply available at a place you have access to? I dont get it.
@@Lofote what is more likely. Your laptop gets stolen or four years later it won’t boot and you can’t find a piece of paper with the key and can’t access an account you never used except to set up windows? I see this all the time in our shop. It isn’t people like us that are the problem. It is the accountant at a manufacturing plant or the insurance salesman. You could also argue that if they were backing up their files it wouldn’t matter either. This year I had one laptop that came into the shop where the person had a one drive backup. One. We see what can go wrong and take steps to reduce risk. Most people don’t. And the thing is it is those people that keep me in a job. But if I can’t help because of a safety feature that actually puts them at higher risk of losing data than getting their laptop stolen then we both are hurt by this security feature.
You can enable or disable this bitlocker, but you should never forget to backup. That's the only way to get access to your data if something will go horribly wrong
Not everyone makes a backup often enough, and cloud backup can become expensive in the long run.
Is it slightly inconvenient for the average normie user? Then they won't do backups no matter how important it is :D
Is interesting how every "improvement" to Windows push more users into Linux. Has microsoft realized this?
they have an os monopoly among the general userbase so they can literally afford not to care. even microsoft doesn't use their own os in-house, they also use linux. they know.
hopefully Linux maintainers will be able to keep up with those of 3 dozen new users
@@jeshirekitenkatt1212 I don't think you know what a "monopoly" is.
Why are advanced features like this being pushed on the every day user ? It's a massive headache for people have no interest in encryption and the one who do want it know how to enable it.
Windows becomes more anti consumer by each and every new version. Simple features hiden away but pointless menu's you need to navigate for no reason, APPS you need to turn off slash remove , ADDS in your start menu and now this latests non sense. Great stuff Microsoft keep on going this way.
Brian I really appreciate these step by step instructions, as somebody who can't even remember what I had for breakfast on some days, I will not remember my BitLocker encryption KEY and where I SAVED it! Do not tell me that this is not about Government controlling us, otherwise it would be "optional" and NOT "MANDITORY!
Like many, I keep all personal data off system drive entirely, and with multiple backups, so from that perspective BitLocker isn't an issue, as I can reformat / reinstall windows on a whim.
The real problem is the performance impact, which is significant.
Hej you are absolutely right here everyone should have a backup of their data, I also have it in many different places i wish you a nice day.
Same. So this should be optional
I believe that encryption was created precisely to protect personal data. Why on earth would you want to encrypt an OS? The overhead would slow your performance for no reason.
@@billd9667 the reason is to slow down the hardware to get people to upgrade, it is the something that has been going on a long time, more E waste and more control for them
Thanks, Brian. I wrote all the instructions on an index card so I'll be ready. 👍
You're welcome
Most excellent video - hate Bitlocker; - a) slows things down and overhead b) had issues with Bitlocker and intermitten Hard Disk fail issues c) Hate MS dictating to us what we want / do on their bloatware systems. D) Not so good transferring Data Drives from one Computer to another - in upgrade / replacement; imagine that you need to decrypt on Machine X, then put into Machine Y and then re-encrypt using a new Key unique to Machine Y.
Modern CPUs have built-in hardware acceleration for enc/dec. I don't believe the average pc user would notice the slightest change in speed
Hi Brian, very, very good video. I don't like that BitLocker turns on automatically. It will create many problems for many users if they can't get their encryption key or if something goes wrong. However, you can also turn off BitLocker when you do a clean install of Windows after you've created a bootable USB flash drive with Rufus. So, personally, I will turn off BitLocker when I do a clean install of Windows next time. I save my data offline and on many different drives, like NAS, external drives, and elsewhere. Take care, Brian, and have a nice evening.
Read my post above about Micro$oft doing this for monetization, not consumer protection. This is likely happening for that reason
Thanks, Brian, for this video.
When 24H2 gets to me. I will definitely do this.
Take care
you to
I am so sick of this forced compliance mandates by the likes of Microsoft and others I will just refuse to buy the products on principle despite inconvenience to myself. Where is that Linux distribution I like? If I need Microsoft Windows, it will be contained in a virtual machine jail! Microsoft, You brought this upon yourself and I hope multitudes more have the same idea.
I feel your frustration and I am absolutely with you! Moving on to Linux! 🚀🚀🚀🚀🚀🚀
Thanks for the video it caused errors on some PC's and laptop with some small partitions, can't remember the error code but bit locker was switched on and filling up the partitions
Glad I could help
I'm glad I switched to Linux a few years ago. I think you can use LUKS2 with Windows if you encrypt the drive using LUKS2 then install on that, worth a go?
Thank you! You're the best, king! Can I upgrade to 24H2 now when I did all of this? Or is this something that I have to do during the upgrade/installation process?
Thank you brian, Great video 👍, I wonder what else microsoft will try force on us 😅
Good tip, as simple as editing a DWORD.
My 1st worry, beyond the encryption key management, would be the performance impact on the r/w speeds of the encryption process, I don't buy fast NVMe drives for the leisure of wasting their performances because of a feature that I basically don't need at all and bottlenecked by the TPM 2 module, on a gaming PC (what windows is only good for, to me, everything else, from light client to server, firewall, advanced routing, virtualization, any everyday tasks to any super dedicated system/network tasks, can be achieved with a linux install, from out of the box common desktop PC to super dedicated machines from $200 routers to $10k servers).
Remove gaming and printers management from windows, and it's left with absolutely nothing, that's the only two last things in which linux really has to improve in term of support.
This is helpful.
I do use bitlocker but only for an external hard drive that has sensitive data. Neither my desktop nor my laptop PCs have Bitlocker on the drives running the OS or programmes but I need the password to get at the sensitive data.
The external HD is also partitioned and only the partition with the sensitive data has bitlocker on it.
People might find a video showing how to set up such an arrangement useful.
Thank you so much! Makes me a lot more comfortable knowing how to defeat bitlocker.
Glad to help!
The main reason they're doing this is to prevent dual-booting Linux.
Thanks to one of your previous videos, I've got all my PCs locked to Windows 10 22H2 using Group Policy Editor.
My computer can't be downgraded to windows 11 and I have no interest in buying a new computer.
I just added all of you suggestions to my Win11 23H2. Will these changes in 23H2 work when upgrading to 24H2 thru Windows Update? Thanks for all you have done for this community.
You're welcome mate
Does this only apply to the primary drive or system partition, or will it encrypt all drives?
Hi Brian, does this work when you have multiple drives, because I have 2 m.2's one with windows on it 3 normal SSD's and 3 mechanical drives
It will encrypt the Windows drive only
type Bitlocker into the settings and it will bring up the control panel, make sure its off for every drive
Thanks mate
Updating Windows 11 23H2 or 24H2, have to do this process after every major update, or do now for a PC - this described - and never afterwards?
they're forcing us to use microsoft accounts (in cover of bitlocker storage / backup to one drive)..
And what happens if MS decides to delete your email account bye bye everything it happened to me lost emails one drive evem all my xbox digital games everything gone delete by MS had to start over i do not trust MS EVER AGAIN
Does Bitlocker encrypt the "C" drive only? Or does it also do the same to any other drive installed on the system? What about removable drives once they are plugged in?
Thanks this will come in handy
You're welcome
Britec I need you and others to quit being so plain Jane windows 11 as in windows 10 has 2 verities Home or Pro some Tec people think there the same but setting are not. Nice show I'm a subscriber of your channel !
People setting up Windows on laptops that will be storing sensitive personal information might want to consider just leaving Bitlocker enabled and making sure they store their recovery keys in a safe place.
Bitlocker is the gateway to NO security!!!! The Master KEY that opens ANY Bitlocker is already owned by you know WHO!
How would you disable Btlocker on Win 11 already installed? I had this problem recently and I had to factory reset. Thank you
Am I safe to do updates? Or will it activate incryption?
Great informative video, many thanks Brian
Glad you enjoyed it
So,does this enforced Bitlocker setting occur if we take the latest advice of how to bypass an M$ Account & just do a local one?🤔
Given the extra cost of Pro vs Home,one hopes a future Rufus update helps us less technically savvy users! 🤞
it really doesnt matter, install windows, the bring up the Bitlocker Control Panel and make sure its all off, done.
If you install 11 using a Microsoft Account, then create a new local Admin and delete the Microsoft Account, the drive is ENCRYPTED, and remains Encrypted even after the deletion of the Microsoft account..
@@ColinsGardenRailway 🙂 yikes, thats not good
Just use Windows home NOT PRO
@@michaelpearson9 I think Bitlocker is being deployed on all versions but I mite be wrong =)
very best! thanks for your time
For clarity, this does not happen during the 24H2 update, only if you are doing a fresh install. So, better hit up Microsoft and get that 23H2 or 22H2 for that fresh install.
Like I said, during install and reinstalls.
We get a lot of PCs in the shop with bitlocker turned on and the client has forgotten the account they used and didn’t save the key. Not much we can do to recover that.
Likewise
Will it be forced on a win10 pro update to win 11 or just on a new fresh install of win 11, thanks for your vids.
@@MrSamadolfo well that didn't really answer my question, now did it. If you don't know the answer then why comment?
Probably both and you will have no warning
@@GinoACosta yeah that wouldn't surprise me if that was the case, haha.
Thank you, I created a bootable USB with Rufus so I can reinstall without BitLocker.
double check, once installed bring up the Bitlocker Control Panel and make sure everything says that its OFF
Mutahar needs to do a video on this.
Encryption also adds latency and affects the overall performance of your system. Why would I want to encrypt my system drive? No, I don't. Now I might consider encrypting a data drive that I set aside for important information. That much I would consider.
If Windows 11 is already installed and bitlocker is disabled, will any of the updates force it on?
One thing Microsoft are ignoring is that in a corporate environment having bit locker on stops you being able to update your pc bios with security patches
I'm amazed at how many people think turning this off is a good idea when they have no idea what Bitlocker's purpose it. If your machine gets stolen or lost, your files will not be accessible. Why would you want to turn this off? Let MS keep your key and you won't have any issues.
ok --- if you say so. You can, and will, run into major problems. Guaranteed. Oh, and the bad guys ALREADY KNOW how to defeat bitlocker. Your drives will suddenly stop working, and you will be unable to even get your key from Microsoft. Backup everything early and often
Your Bitlocker key is attached to your microsoft account:
1. Which you can't access, because your system drive is down
2. Which you can't fix, because it's encrypted
3. To fix it, you need it unencrypted
4. Which to do so, you need the key attached to your MS account.
Goto 1.
Like some have already asked , will Bitlocker be turned on by just updating to 24H2 or does it only turn on if you do a fresh install of Windows 11 or reformat ?
Ok Brian thanks for the heads up. Now I am just wondering if this is going to happen if my 23H2 version gets changed to the 24H2 via an update from Microsoft. If so should I go ahead and make these BitLocker changes right now to head it off at the pass?? The only other option that occurs to me is simply not to install 24H2 if that is possible?? Further to this Brian, I found an article that says one can change the BitLocker settings so that one can use a PIN instead of the key is that correct??
Microsoft has already calculated the small number of users (like myself) they'll lose as they tighten the screws on this operating system. It will be interesting to see what changes they continually make that will cause some people to finally throw in the towel.
Store your backups on external drives with non-Microsoft encryption.
Better yet, just don't use Windows!
😒👍 20TB Hitachi FTW
yep, self-made home server from old MacBook running ubuntu and attached usb HDD )
no encryption, just password protection to access the folders via samba sharing for backups
cost-effective solution 👍
@@ТоварищКамрадовСоциалистКоммун 👍
See my post above. Any attempt to back up your data, your backups will also be bitlocker encrypted, and to unlock those, will be an upcharge service
backup is a universal way to preserve your data. It's also an effective way to counteract unauthorized encryption. If that happens, you need to clean your system, sometimes reinstall it, and restore your data. Some most recent files might be lost, this depends on how regular is your backup, and how quickly you recognize that your data are encrypted.
Whatever your post above is, encryption is good anyway cause it addresses not only malware, but also hardware failure, your own mistake like accidental file deletion and so on.
It's essential that these backups should be located on non-local disk, which are not controlled directly by windows. Example is like I described earlier, samba server run by other PC
Thanks for the great advice. 👍
Any time!
It is not beyond the limits of an IQ in double figures the idea of making a choice during installation (with default OFF): "Do you want BITLOCKER to secure your disk? WARNING: it can create insurmountable problems if you don't know what it means and if you don't know how to save the key in a safe place."
Unfortunately, intelligence at Microsoft is becoming a rare commodity.
Can MS reverse these changes in some future update
This Laptop originally came with 22H2, then upgraded to 23H2. I created the registry, and made the other options you talked about, but searching for BitLocker turned up nothing, though the main BitLocker key was in the Registry. So my question is, are my files encrypted or not before these changes; or will these changes reverse these files back to UN-encryted? Since these LT is only 2 years old, I don't recall seeing a screen that mentioned BitLocker!
Great video, thanks for this
Glad you liked it!
Bit Locker is in W10 pro but turned off on my PC. How long will it be before they block the turning off of bit locker on PC's like W11? Only time will tell.
Is this going to be the turning point where more people ditch Microscam and go to Linux or Apple PC's?
Won't Microscam enable bit locker again when they do an update to the system?
My latest laptop came with Windows 11 22H@ preinstalled along with Bitlocker enabled. Yeah, that means I had to also download 23H2 through Windows Update, but that's not the point here. It also came with Bitlocker enabled by default as well. I think I actually disabled it from within Windows, not during installation.
How do we tell Microsoft we do not want this. Or have a button to disable this on install.
soon there will be NO WAY to disable this or even turn it off
Brian does uninstall MS defender effects TPM 2.0 or I won't be able to on/off
I'm no fan of encyrpting hard drives, and I'm a Linux user. I once encrypted a drive using some linux app, I VeraCrypt. What I didn't know, was the drive could only be decrpted using the same Operating System that had encrypted it. So if one used another Linux machine to decrypt, it wouldn't be able to.
Can you clone a drive that has BitLocker Encryption enabled?
but if the bitlocker is on, can you just turn it off?
@@gcampagn yes I just follow the updates without installing it from any ISO. However I implemented the settings of this video. But I will keep an eye
One has to wonder what the thought process is behind forcing rather than asking. MS is no different than an abusive parent, spouse, etc. It's mental illness!
The thought process is a principle called "secure by default." The idea is that most average users don't understand the security implications of choosing ease of use over security, so the system should choose the secure choice for them by default and let advanced users change it back afterwards if they want to.
@@dansanger5340 Kinda like forcing a MS account to install Windows, forcing Edge, tons of telemetry by default and, coming soon to a Windows PC near you, Copilot!!! Encryption has always been available to those that want it and there was a CHOICE to use it or not. This is not a security issue; it's all about control. The average user doesn't need forced "protection".
@@vulcan6940 Of course encryption is a security issue. If your laptop is lost or stolen, and the drive is not encrypted, it's trivial to read your data. That's not obvious to a lot of average users because they think their login password protects their data.
Is the Bitlocker like Apple's APFS file system?
so if they role out the 24H2 update.. do I have a choice to deactivate or do I have to wipe first before installing the windows again? or is there even a way to deactive it still I the reg editor after installation? I am on 23H2 rn and just downloaded KB5039302
and if you lose recovery key then what how can you decrypt drive
Depends
😒 its got backdoors to decrypt but its not available to u, u gotta be an official of the State
I recently bought my mom a Beelink mini PC. Once it arrives, if I have her leave the password field blank for the initial setup, will this bypass this "feature"? Typically, when I get a new PC, I almost always leave the password field blank to make the initial setup easier.
Is it possible to remove Bitlocker entirely, and the prospect of it being hijacked by newer ransomware?
Sorry for the off topic, do you know if " Process Forensics " can detect what is causing (out of the blue SUDDEN) 100% disk spikes and a quick slow down to freeze of the pc. If it can, any chance you could do a vid on this please? Going of the the amount of comments i've read on this (100% disk) and the amount of years this as been going on for people, i do believe i speak for a lot of people that would like the answer to this, and like many others, i have tried this and i have tried that, but some of the other things i don't want to try until i know it will fix it for sure (i do believe Microsoft know what is causing this prob = which will mean they or the cause of the prob, being there is no easy fix i can find).
Eeeew I forgot how _atrocious_ the Windows 11 default UI is. So glad I found StartAllBack, mine looks like a mish-mash of Win7 and Win10, lol.
is there is any problem if i install first then disable it after installation ? also if i only disable the service is that will do the trick
yes but to disable you will need the key, wright it down or take a screenshot when it gives u the key
Thanks Brian.👍
No problem 👍
Casuals will forget their Win11 login details even...
will this solve the issue for those bitlocked enabled drive already?coz if its bitlocked enabled already and need to re-install windows i can't access drive C anymore
I just had to deal with a force bitlock hard drive. My fathers Laptop. Was there without his knowledge. We got stuck in a bitlocker loop, and no matter what I researched I couldn't get it out of it. Lucky for him he had nothing important on it, all the important stuff is saved on a separate hard drive and on his main desktop. If I want to encrypt the hard drive, I'll decide whether I turn it on or off. It does seem like force ransomware as it forces you to make a Microsoft account.
Tysm ^^❤
You're welcome
Are MS adding this to Home Editions as well or just on the Pro & above??
My customers forget passwords & pin numbers, so no chance of remembering where they saved the recovery key (or even if they have one) lol.
all aditions, they are making this standard across the board because most people are on smartpones and tablets and laptops, the desktop community is actually tiny =)
Thank you. I sell secondhand computers. I just checked a Windows 11 Pro install from yesterday. There is NO Microsoft account on the Laptop, only local account as the MS account had been deleted during the setup process. ------- BITLOCKER was ON and the Drive was encrypted.
Hells Bells, If I sold the computer like that; local account only and Drive Encrypted there is no way to recover the key.
But what if I wanna use bitlocker on the second partition of the main drive or on a usb? If I disable it then I can’t use it anymore? So if I want bitlocker then it will gonna lock even my c drive, or the alternative is disabling it completely not being able to use it anymore?
That’s ridiculous
Had several already, Recovery is a nightmare.
Sounds like ransomware - with a bad ending...
Bitlocker has caused me so many problems over the years and cloning drives etc I just keep it off
It annoys me that you are starting regedit from the task manager instead of directly from the command prompt.
I reckon MS will make Windiws a subscription product, then guess what happens to your data when you miss a payment. Bitlocker will facilitate that.
I manage 250+ machines, all running BitLocker, if you don't set a pin you never need a recovery key
It’s easy to disable, uninstall windows, and install any distribution of Linux. Problem solved.
at about 6:28 you mention if you have win 11 pro or above then you can just go into group and disable it, does that mean everything you just talked about previously in this video was for home or any other install less than the pro version? A little confusing....
Windows home does not have group policy so there should be also no bit locker so just run Windows home and u should be ok
@@michaelpearson9 I understand that even Home will have BL forced on users too.
@wally6193 well than goodbye windows go linux
@@wally6193 As of now Windows 11 Home does not have Bitlocker included. Do you think they will bother rewriting the OS just to include it?
Thanks
No worries
Great reason for me to stay on Win11 home then 😂
I believe this applies to Home as well from now on.
🙂 11 has bitlocker on all editions now
7:49. Brian you said disable bitdefender.😂
Getting old
@@Britec09 We are all getting old. I just thought it was funny. I never miss any of your videos.
Will this disable EFS?
Microsoft is messing with everyone by forcing BitLocker on everyone. A serious issue will definitely occur if you forget to back up your encryption keys before upgrading your motherboard BIOS. If you really forget to back it up, you, the sole owner of your hardware, will become the one against whom BitLocker guards your data after a successful upgrade of the BIOS.
I agree
Obviously, the default install will be to use a Microsoft Account, and store the BitLocker key there, to avoid it being lost, so Microsoft is basically targeting the installation at the lowest level of IT expertise. I think it a bit disingenuous to suggest the problem with bitlocker is losing the key, while trying to create ways to avoid the default options for saving the key.
thanks mane
great video
I heard it effects Windows 10 as well.
How to do this for Windows 10?
Like most others I am tired of Microsoft "thinking" what's best for us, I really don't know how to get the message to them other than abandon their system. Problem is they have the vast monopoly and will probably never listen to any end user. With anything like this there should be an option to say yes or no, for most users they won't even know, this WILL result in data loss later !!!
I wonder why this appears in my recommendations just now
🙂 guys I have a warning for all of you, If your using passwords to login to windows AND / OR you are using Bitlocker, which uses KEYS be aware that information is copied over to the bios of your motherboard, so please be aware if you update your bios and you corrupt your bios and the next time you boot your PC you get a warning about TPM you are basically SOL