Disable hardware-based encryption on BitLocker removable drives – TheWindowsClub | Hot Mobile Press

If you want to Disable or disable hardware-based encryption on removable drives while using BitLocker, you can follow this guide. With the help of this guide, it is possible to use software-based encryption instead of hardware-based encryption on BitLocker removable drives. You can activate this setting with Local Group Policy Editor and Registry Editor.

Disable hardware-based encryption on BitLocker removable drives

How to disable hardware-based encryption on removable drives in Windows 11/10 with Group Policy Editorfollow these steps:

  1. Press Win+R to open the Run prompt.
  2. Type gpedit.msc and press the Enter Button.
  3. Navigate to Removable Diskin computer configuration.
  4. Double-click the Configure the use of hardware-based encryption for removable drives Attitude.
  5. Choose Disabled Possibility.
  6. press the OK Button.

Let’s learn more about these steps in detail.

First, you need to open the Local Group Policy Editor. To do this, press Win+R To display the Run prompt, type gpedit.mscand press the Enter Button.

Then navigate to this path:

Computer Configuration > Administrative Templates > Windows Components > BitLocker Drive Encryption > Removable Disk

In which Removable Disk Folder you will see a setting named Configure the use of hardware-based encryption for removable drives. You need to double click on this setting on the right side and select that Disabled Possibility.

When you’re done, click OK Button. From now on, hardware-based encryption for removable drives will be disabled while using BitLocker. However, there is another option that allows users to opt for software-based encryption only when hardware encryption is not available.

To enable this setting, you must select the Allowed option instead of Disabled Possibility. Then tick Use BitLocker software-based encryption when hardware encryption is not available check box.

How to disable hardware-based encryption on removable drives using the registry

To disable hardware-based encryption on removable drives using the registry, follow these steps:

  1. Search for Registry Editor and click on the search result.
  2. press the Yes Button.
  3. Navigate to Microsoft in HKLM.
  4. Right-click Microsoft > New > Key and set the name as FVE.
  5. Right-click FVE > New > DWORD (32-bit) value.
  6. Name it as RDVHardwareEncryption.
  7. Repeat these steps to create another REG_DWORD value with the name RDVAllowSoftwareEncryptionFailover.
  8. Repeat it and name it as RDVRestrictHardwareEncryptionAlgorithms.
  9. Close all windows and restart your computer.

To learn more about these steps, read on.

In order to use the Registry Editor method, you need to open it first. You can search for that Registry Editor in the taskbar search box and click the search result. Then click the Yes button in the UAC prompt.

Next navigate to this path:

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft

Right click on the Microsoft button, select new > key, and name it FVE.

Disable hardware-based encryption on removable drives for BitLocker

Then right-click FVE > New > DWORD (32-bit) value and name it as RDVHardwareEncryption.

How to enforce BitLocker Drive Encryption for removable drives

By default it has a value of 0 and you must keep that.

Disable hardware-based encryption on BitLocker removable drives

Next you need to create two more REG_DWORD values:

  • RDVAllowSoftwareEncryptionFailover
  • RDVRestrictHardwareEncryptionAlgorithms

As usual, leave the value data at 0. Finally, close all windows and restart your computer.

Read: Check the BitLocker Drive Encryption status for the drive using Command Prompt or PowerShell

How do I disable hardware encryption?

To disable hardware encryption on removable drives in Windows 11/10, you need to use Local Group Policy Editor or Registry Editor. To do this, open the Removable Disk section and double-click the Configure the use of hardware-based encryption for removable drives Attitude. Then select the Disabled Possibility.

What is hardware disk encryption?

Hardware disk encryption is a type of encryption available on Windows computers that basically turns the data into a different code. Therefore, users or other programs cannot read the unreadable code without first decrypting it. You can enable or disable such settings using GPEDIT and REGEDIT.

That’s all! Hope it helped.

Read: Enable or disable automatic unlocking for BitLocker encrypted data drives.

How to disable hardware-based encryption on removable drives

Leave a Comment