The latest version of Windows 10 (1511) has introduced a new encryption algorithm AES-XTX. This version of AES is specific to encrypt hard drives. By default, Windows 10 1511 uses AES-XTX 128 to encrypt your hard drives. If you want to protect sensitive data, you may prefer using AES-XTX 256 algorithm. Let's see how to enable this algorithm.
- Open the
Local Group Policy Editor - Select
Computer Configuration / Administrative Templates / Windows Components / BitLocker Drive Encryption - Double-click on
Choose drive encryption method and cipher strength (Windows 10 [Version 1511] and later) - Select
Enabled and choose the encryption algorithm you want - Open Windows Explorer, right-click on a drive, and select
Turn On BitLocker
You can check the encryption algorithm using the following command (as administrator):
Shell
manage-bde -status
Do you have a question or a suggestion about this post? Contact me!
