Microsoft is poised to introduce a noteworthy enhancement in its upcoming Windows 11 24H2 update, which will feature the device encryption tool, BitLocker, enabled by default. This shift marks a significant change from previous iterations, where BitLocker was exclusive to Windows Pro editions. Now, a wider array of devices will benefit from this added layer of security.
Performance Considerations
While the prospect of enhanced data protection is appealing, there are concerns regarding the potential impact on SSD performance. According to tests conducted by Tom’s Hardware, enabling BitLocker can lead to substantial reductions in speed. Specifically, sequential read speeds may plummet by as much as 45%, while write speeds could decrease by around 40%. Random read and write operations also experience a slowdown, albeit to a lesser degree. The extent of these performance hits varies based on the specific SSD and the nature of the workload, but the overall trend indicates a noticeable deceleration, particularly during large data transfers.
The automatic activation of BitLocker could catch many users off guard, as they may install the update without fully understanding the implications for their SSD’s performance. Although Microsoft has acknowledged this change in its support documents, it has not explicitly addressed any potential performance drawbacks, leading to speculation about whether the company has mitigated these issues or simply considers them minor.
It is important to note that BitLocker will only be enabled by default on new PCs, such as the recently launched Copilot+ models, or in cases where users perform a clean installation of Windows. For those upgrading existing systems to the 24H2 version, the feature will not activate automatically. Additionally, users logging in with a local account will need to manually enable BitLocker through the Settings or Control Panel.
Benefits of Default Encryption
Despite the performance concerns, there are clear advantages to having BitLocker enabled by default. This proactive approach ensures that users benefit from enhanced security without the need for manual configuration, particularly aiding those who may not be technologically savvy enough to activate such features themselves.
Alongside BitLocker, the forthcoming Windows 11 update will introduce other security enhancements. Notably, it aims to simplify the encryption process by removing the necessity for certain hardware features that were previously required. Devices will no longer need to meet the Hardware Security Test Interface (HSTI) or Modern Standby criteria to enable automatic encryption. Furthermore, the update will streamline compliance with Hardware Lab Kit (HLK) standards for manufacturers by eliminating the need to check for untrusted Direct Memory Access (DMA) interfaces.