• How to prevent/disable Bitlocker Automatic Device Encryption?

    Home » Forums » AskWoody support » Windows » Windows 10 » Windows 10 version 22H2 » How to prevent/disable Bitlocker Automatic Device Encryption?

    Tags:

    Author
    Topic
    EricB
    AskWoody Plus
    May 28, 2023 at 6:10 am #2562402

    When I unboxed my Dell system I created a local account.  There is no user with a Microsoft account on the system.  My drives are not encrypted and control panel shows that Bitlocker is off for all drives. The system information utility shows “Device Encryption Support Reasons for failed automatic device encryption: PCR7 binding is not supported, Un-allowed DMA capable bus/device(s) detected”.

    I don’t know exactly what this means and am concerned that at some future point installing a Dell update could result in automatic device encryption being activated.  Since there is no Microsoft account I am concerned that such an event could be catastrophic due to an unknown recovery key being required.

    This article from Dell https://www.dell.com/support/kbdoc/en-us/000124701/automatic-windows-device-encryption-bitlocker-on-dell-systems mentions a registry key to prevent automatic device encryption but states that it is only effective when preparing a Windows Image, not after Windows is installed.  Microsoft’s article at https://learn.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10 discusses the registry key without the qualification made by Dell regarding effectiveness.

    My bottom line question — how can I ensure that automatic device encryption is disabled?

    1 user thanked author for this post.
    Lars220
    Reply | Quote
    Viewing 1 reply thread
    Author
    Replies
    • bbearren
      AskWoody MVP
      May 28, 2023 at 6:28 am #2562403
      EricB wrote:

      My bottom line question — how can I ensure that automatic device encryption is disabled?

      Run Services.msc as Administrator, find Bitlocker Drive Encryption Service, right-click on it, select Properties, go to Startup type and change it to Disabled.

      Always create a fresh drive image before making system changes/Windows updates; you may need to start over!
      We all have our own reasons for doing the things that we do with our systems; we don't need anyone's approval, and we don't all have to do the same things.
      We were all once "Average Users".
      Computer Specs

      1 user thanked author for this post.
      Lars220
      Reply | Quote
    • b
      AskWoody_MVP
      May 28, 2023 at 7:23 am #2562410
      EricB wrote:

      Since there is no Microsoft account I am concerned that such an event could be catastrophic due to an unknown recovery key being required.

      Device encryption requires a Microsoft account:

      On supported devices running Windows 10 or newer BitLocker will automatically be turned on the first time you sign into a personal Microsoft account (such as @outlook.com or @hotmail.com) or your work or school account.

      BitLocker is not automatically turned on with local accounts, …

      Device encryption in Windows

      Reply | Quote
      • bbearren
        AskWoody MVP
        May 28, 2023 at 7:52 am #2562415

        On supported devices running Windows 10 or newer BitLocker will automatically be turned on the first time you sign into a personal Microsoft account (such as @outlook.com or @hotmail.com)” is a bit misleading.

        I use OneDrive, and every time I sign into Windows, I automatically sign into a personal Microsoft account for OneDrive synchronization.

        The OP asked

        EricB wrote:

        how can I ensure that automatic device encryption is disabled?

        That can be done in Services.

        Always create a fresh drive image before making system changes/Windows updates; you may need to start over!
        We all have our own reasons for doing the things that we do with our systems; we don't need anyone's approval, and we don't all have to do the same things.
        We were all once "Average Users".
        Computer Specs

        Reply | Quote
        • b
          AskWoody_MVP
          May 28, 2023 at 9:14 am #2562424

          What’s misleading?

          His reason for wanting to do so is not applicable.

          Reply | Quote
          • bbearren
            AskWoody MVP
            May 28, 2023 at 9:43 am #2562426
            b wrote:

            His reason for wanting to do so is not applicable.

            It doesn’t have to be.  We all have our own reasons for doing the things that we do to our systems, we don’t need anyone’s approval, and we don’t all have to do the same things.

            The OP expressed his concerns:

            EricB wrote:

            I don’t know exactly what this means and am concerned that at some future point installing a Dell update could result in automatic device encryption being activated. Since there is no Microsoft account I am concerned that such an event could be catastrophic due to an unknown recovery key being required.

            I’m signing off on this topic.

            Always create a fresh drive image before making system changes/Windows updates; you may need to start over!
            We all have our own reasons for doing the things that we do with our systems; we don't need anyone's approval, and we don't all have to do the same things.
            We were all once "Average Users".
            Computer Specs

            Reply | Quote
    Viewing 1 reply thread
    Reply To: How to prevent/disable Bitlocker Automatic Device Encryption?

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information:




DON'T MISS OUT!
Subscribe to the Free Newsletter
We promise not to spam you. Unsubscribe at any time.
Invalid email address

View the Forum

  • Recent Replies
  • My Replies
  • My Active Topics
  • New Posts in the Last day
  • Private Messages
  • Knowledge Base
  • How to use the Forums
  • All Forums

    • Recent Topics

    My Profile

    April 2025
    S M T W T F S
     12345
    6789101112
    13141516171819
    20212223242526
    27282930  

    Remembering Woody

     

    Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.

    Mastodon profile for DefConPatch
    Mastodon profile for AskWoody

     

    Home About FAQ Posts & Privacy Forums My Account
    Register Free Newsletter Plus Membership Gift Certificates MS-DEFCON Alerts

    Copyright ©2004-2025 by AskWoody Tech LLC. All Rights Reserved.