Microsoft’s software encryption for SSDs, BitLocker, has been found to slow down SSD performance in Windows 11 Pro by up to 45%. BitLocker is automatically enabled when Windows 11 Pro is installed and set up and is intended to increase the security of SSD-related processes.
I would like to analyze the problem, TomsHardware has tested the feature and found that SSD speeds can be severely affected when running some applications.
Apparently this happens because the software-based BitLocker is constantly requesting encryption and decryption processes with data on your SSD, while your computer is performing read and write processes. So while your computer is pulling and putting files and data out of your SSD as you go, each of these in and out of the SSD actions involves an additional encryption or decryption process that starts automatically each time.
A pcwelt.de article (translated by PCWorld) points the finger at Windows 11 developers, including the encryption software as part of the Windows 11 Pro installation process. According to pcwelt.de, many modern SSDs have their own built-in hardware-based encryption processes, and this results in all decryption and encryption processes being handled by SSD itself. Either way, Bitlocker is activated when Windows 11 Pro is set up without giving users the option to log out or disable it.
What is the core of the problem and does it affect you?
There is speculation that Microsoft insists on doing this because if not, it will have to leave control of the encryption to SSD manufacturers. This means that Microsoft would have to rely on these SSD manufacturers to manage such an essential feature for Windows 11 Pro users, and in recent years there have been vulnerability issues in the hardware encryption code created by the SSD manufacturers.
These manufacturers have been considerate and patched these vulnerabilities, but perhaps it is understandable that Microsoft does not want to rely on a third party to guarantee users SSD security.
It appears that Windows 11 Home is not affected by this particular problem as BitLocker encryption is not supported.
To find out if your SSD is affected by this problem, you can do the following:
- Open the Windows 11 Pro command line with administrator rights.
- Enter the following command: manage-bde-status
This would be the BitLocker Drive Encryption: Configuration Tool which allows you to analyze all drives on your computer.
When you open Conversion status, you can find out how your SSD data is encrypted. Then, if you look Encryption method, you should see which type of encryption is used on a particular drive: software encryption (“XTS-AES”) or hardware encryption (“Hardware Encryption”). “XTS-AES” means BitLocker is enabled and performing software encryption, while “Fully Decrypted” means BitLock is disabled and encryption processes are taking place on the SSD.
When users run programs that heavily involve the SSD, because each in and out process of the SSD involves an additional encryption or decryption process, the SSD has to handle more processes in total and experiences a greater load. Microsoft may be working on a software patch to fix this entire issue in Windows 11 Pro, but it has not been confirmed if it is currently in development.
How to configure BitLocker in Windows 11 Pro
To speed up your device, you can consider disabling BitLocker, but you should make an informed decision as BitLocker and the added security it provides are beneficial for those who use corporate and business devices, and for those who are often on the road and are often on the road. that they are in situations where there is generally an increased risk of the device being stolen.
If you have BitLocker installed, because it is integrated with your system at the software and operating system level, you can only access the computer’s data by entering the Windows account information associated with that specific Windows 11 Pro device .
If corporate and business devices come with Windows 11 Pro, it is likely that they have default settings and that these devices are experiencing this specific type of slowdown.
If, after careful consideration and understanding, you need higher level data protection and still want to get rid of this SSD encryption protection, you can deactivate BitLocker by following the steps below. Make sure you clearly understand what level of encryption you need before doing this!
- Open the Windows 11 Pro command line with administrator rights
- Enter the following command: manage-bde -off C:
C: This shows which drive you want to disable BitLocker for, and whether this is not the case C: then you need to change it to the drive you want to remove BitLocker from. After that, you will need to restart your computer to complete the process of disabling BitLocker.
There is a way to not disable SSD encryption completely, but to switch it from software encryption to hardware encryption this process has also been described in detail by pcwelt.de (translated by PCWorld).
Personally, I would only consider disabling BitLocker if you are not using your computer for work, or if it does not have any data or files on it that you consider particularly sensitive. However, this is still useful information for understanding more about the inner workings of your computer and digital security.