Microsoft is enabling BitLocker device encryption by default on Windows 11 - eviltoast
  • bandwidthcrisis@lemmy.world
    link
    fedilink
    English
    arrow-up
    3
    ·
    3 months ago

    But that’s not the case for Windows Home, is it? The FDE setting just takes me to a page to upgrade to Pro. My laptop does have TPM.

    • Romkslrqusz@lemm.ee
      link
      fedilink
      English
      arrow-up
      2
      ·
      3 months ago

      It is, Secure boot and the TPM must both be enabled.

      If you check Msinfo32 / “System Information” with admin rights, there is a “device encryption” listing that maybhave additional information.

      There are rare instances where a device won’t support automatic encryption due to “Un-allowed DMA capable bus/device(s) detected” which requires a registry tweak to work around

      • bandwidthcrisis@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        3 months ago

        Un-allowed DMA capable bus/device(s)

        And there it is in msinfo!

        Thanks very much. I’ve been using veracrypt for years, it’s good to know that I have another option (especially to simplify things for family members).