Sunday, 26 June 2016

How to change BitLocker AES 128Bit encryption method to AES 256Bit encryption method?

Or, How to change Default algorithm Supported by BitLocker Encryption.
Or, How to change Default encryption algorithm supported by BitLocker.
Or, How to change encryption algorithm or method supported by MS BitLocker?

Microsoft BitLocker supports XTS-AES 128Bit encryption method by default.  Yes, it can be changed to AES 256Bit if you want it to be. The point you should note is, when you are making the changes to change the encryption method, this change will affect only to newly encrypted drives that has been encrypted after making the changes. Drives which were already encrypted will continue to use default encryption method.
If you wish to change the encryption method on already encrypted drive, you must first decrypt the drive and then perform the encryption again after making the changes in encryption method through local computer policies.
To change the encryption method from AES-128Bit to AES-256Bit, Please follow the below steps.

Go to RUN > gpedit.msc > Computer Configuration > Administrative Template > Windows Components > BitLocker Drive Encryption > Choose the appropriate option as per your requirement (as highlighted in below screenshot):

Click on Enable > In the “Select the encryption method” option, Select AES 265-bit

Cheers, If you have any query or feedback, please write me back..

No comments:

Post a comment