Security | Vulnerability Scans and Assessment Windows

How to enable BitLocker AES-XTX 256 Encryption Method

Enable BitLocker AES-XTX 256 Encryption Method
Enable BitLocker AES-XTX 256 Encryption Method

BitLocker is a full disk encryption feature included with Windows Vista and later versions of the Windows operating system. It uses AES (Advanced Encryption Standard) encryption with a key length of 128-bits or 256-bits to encrypt the entire drive. BitLocker AES-XTX 256 encryption is used to secure data stored on a computer’s hard drive. It helps protect against data breaches and unauthorized access to data by encrypting the entire drive, including the operating system, system files, and user files. This makes it more difficult for someone to access the data on the drive if the computer is stolen or if someone tries to access the data without permission.

The AES-XTX encryption method was introduced in Windows 10 (1511) and later versions of Windows. This version of AES is designed specifically for encrypting hard disks. By default, Windows 10 1511 encrypts your hard drives using AES-XTX 128. If you need to safeguard sensitive data, you might consider utilizing the AES-XTX 256 algorithm. Let’s have a look at how to activate this algorithm. Here are other related posts: BitLocker Recovery Mode prompted? Cannot find my BitLocker Recovery KeyMicrosoft Bitlocker Administration and Management: Effect of renaming an MBAM or BitLocker protected ComputerHow and where to find your BitLocker recovery key in Windows, and Why does MBAM not automatically re-encrypt MBAM or Bitlocker-protected devices.

Steps to Enable BitLocker AES-XTX 256 Encryption Method

To enable the BitLocker AES-XTX 256 Encryption method, follow the steps below:

To open the Local Group Policy Editor, press the “Windows key” to open “Start” and type “gpedit” and select the top result.

Enable BitLocker AES-XTX 256 Encryption Method: Launch Local Group Policy Editor from Start menu
Launch Local Group Policy Editor from Start menu

Navigate to the following path: Computer Configuration >> Administrative Templates >> Windows Components >> BitLocker Drive Encryption.

Navigate to the BitLocker Drive Encryption
Navigate to the BitLocker Drive Encryption

Double-click on Choose drive encryption method and cipher strength (Windows 10 [Version 1511] and later)

Select Enabled and choose the encryption algorithm you want, and then click OK to apply the change.

image3
Enable the AES-XTX 256 Encryption

Once this done, you can go ahead to enable BitLocker encryption on your drive. See the following guide on how to enable Bitlocker via the Local Group Policy Editor and the Group Policy Management Console.

To check the encryption status of your drive after enabling BitLocker encryption on it, open the Command Prompt” as administrator. To do this, press the Windows key to open the Start menu and type “cmd” and choose run as administrator.

Launch Command Prompt from Start menu
Launch Command Prompt from Start menu

Type the following command and press Enter:

manage-bde -status
Check BitLocker Encryption Status from CMD
Check BitLocker Encryption Status from CMD

I hope you find the post helpful. If you have any questions, please leave a comment below.

Subscribe
Notify of
guest

0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x