Hot Take Windows 11 Pro's On-By-Default Encryption Slows SSDs Up to 45%

brambedkar59

Level 31
Thread author
Verified
Top Poster
Well-known
Apr 16, 2017
2,087
There are few things more frustrating than paying for high-speed PC components and then leaving performance on the table because software slows your system down. Unfortunately, a default setting in Windows 11 Pro, having its software BitLocker encryption enabled, robs as much as 45 percent of the speed from your SSD as it forces your processor to encrypt and decrypt everything. According to our tests, random writes and reads — which affect the overall performance of your PC — get hurt the most, but even large sequential transfers are affected
 
F

ForgottenSeer 100397

I prefer to use a local account, and I don't have BitLocker turned on. However, while installing Windows 11 Pro on an SSD system, the installation process automatically turned on BitLocker. I realized this when I was configuring the Settings Panel. In Settings, I saw BitLocker ON, and it suggested signing in to a Microsoft account for full encryption. I turned off the partial encryption, which took some time but was successful.
 

TairikuOkami

Level 37
Verified
Top Poster
Content Creator
Well-known
May 13, 2017
2,628
Another reason not to use pro at home?
Some users reported that BitLocker was enabled by default even on Home, then they complained because obviously they did not backup the key and thus lost files. I would not be surprised, since 11 defragmented SSD as well, twice, and did many other funny things. Still, I chose Home for this reason, because it does not contain "features" I would never use, but which could be abused.
 

SeriousHoax

Level 49
Verified
Top Poster
Well-known
Mar 16, 2019
3,861
Is it for pre-installed windows on newly bought branded PC's and laptops?
I have freshly installed Windows 11 Pro many times but it never enabled BitLocker on my system.
1697791394330.png
 
F

ForgottenSeer 100397

I have freshly installed Windows 11 Pro many times but it never enabled BitLocker on my system.
I had the same experience. When I did a fresh install of Windows 11 Pro 22H2, the installation automatically enabled BitLocker. In Settings, it mentioned that signing in to my Microsoft account would enable full encryption.
 
F

ForgottenSeer 100397

The enabling of BitLocker during the Win 11 Pro installation could depend on Hardware Security. My system didn't have BitLocker enabled (Standard hardware security not supported). Another system had BitLocker enabled (Enhanced hardware security supported).
 

Oldie1950

Level 6
Verified
Well-known
Mar 30, 2022
283
Some users reported that BitLocker was enabled by default even on Home, then they complained because obviously they did not backup the key and thus lost files. I would not be surprised, since 11 defragmented SSD as well, twice, and did many other funny things. Still, I chose Home for this reason, because it does not contain "features" I would never use, but which could be abused.
If I remember correctly, the Home version has encryption enabled for user data (documents, images, etc.) by default.
 

Jonny Quest

Level 21
Verified
Top Poster
Well-known
Mar 2, 2023
1,081
If Bitlocker is enabled, I believe you would need your key when going into safe mode or coming out of safe mode. That was a surprise to me the first time I went through that and had to look up my recovery key on another PC. So I keep mine turned off, just so I don't forget about it. Example below.

 

Freki123

Level 16
Verified
Top Poster
Aug 10, 2013
753
MS is always good for some fun with using people as guinea pigs without clear consent :D
For me the article read that Rufus and/or using a local account may prevent bitlocker default usage. That's also the way I installed my win 11 pro a few weeks ago no bitlocker here.
 
  • Like
Reactions: Jonny Quest

brambedkar59

Level 31
Thread author
Verified
Top Poster
Well-known
Apr 16, 2017
2,087
Some users reported that BitLocker was enabled by default even on Home, then they complained because obviously they did not backup the key and thus lost files. I would not be surprised, since 11 defragmented SSD as well, twice, and did many other funny things. Still, I chose Home for this reason, because it does not contain "features" I would never use, but which could be abused.
I thought requirements for automatic encryption was MS account, TPM and secure boot. So key should have been backed up in Onedrive.
 
  • Like
Reactions: blackice

brambedkar59

Level 31
Thread author
Verified
Top Poster
Well-known
Apr 16, 2017
2,087
Is it for pre-installed windows on newly bought branded PC's and laptops?
I have freshly installed Windows 11 Pro many times but it never enabled BitLocker on my system.
View attachment 279244
Device encryption is available and turned on by default on devices that support Modern Standby and running any Windows 11 edition.
 

oldschool

Level 84
Verified
Top Poster
Well-known
Mar 29, 2018
7,577
This is the link to check your hardware and standby availability.
Luckily, mine doesn't support this.
 
F

ForgottenSeer 100397

I partitioned my SSD into C for the system and D for personal data. When I checked the Win 11 Pro Defrag app, it showed that Windows had not trimmed the system partition for 4 days, while it had not optimized the data partition for 82 days. The Defrag app enables itself for all disks with default settings. The data partition only contains Hasleo backup images and a folder with some MS Office files. Why didn't Windows trim the D partition yet?
 
  • Like
Reactions: brambedkar59

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top