Windows 10 version 1511 introduced a new encryption algorithm, AES-XTX, designed specifically for encrypting drives. By default, Windows 10 1511 uses AES-XTX 128. If you want stronger protection for sensitive data, you can switch to AES-XTX 256. Here is how to enable it.
- Open the
Local Group Policy Editor - Select
Computer Configuration / Administrative Templates / Windows Components / BitLocker Drive Encryption - Double-click on
Choose drive encryption method and cipher strength (Windows 10 [Version 1511] and later) - Select
Enabled and choose the encryption algorithm you want - Open Windows Explorer, right-click on a drive, and select
Turn On BitLocker
You can check the encryption algorithm using the following command (as administrator):
Shell
manage-bde -status
Do you have a question or a suggestion about this post? Contact me!
