OPERATING SYSTEMSOS Windows

Enable or disable use of BitLocker on Removable Data Drives


BitLocker can encrypt the drive Windows is installed on as well as encrypt fixed data drives (such as internal hard drives). You can also use BitLocker To Go to help protect all files stored on a removable data drive (such as an external hard drive o,r USB flash drive). In this post, we show you how to enable or disable use of BitLocker on Removable Data Drives in Windows 10.

Enable or disable use of BitLocker on Removable Data Drives

You must be signed in as an administrator to enable or disable the ability to configure and use BitLocker on removable data drives.

You can enable or disable the use of BitLocker on Removable Data Drives in Windows 10 in either of two ways;

  1. Local Group Policy Editor
  2. Registry Editor

Let’s see a description of the process involved in relation to the two methods.

1] Enable or disable use of BitLocker on Removable Data Drives via Local Group Policy Editor

Enable or disable use of BitLocker on Removable Data Drives-Group Policy Editor

Do the following:

  • Press Windows key + R to invoke the Run dialog.
  • In the Run dialog box type gpedit.msc and hit Enter to open Group Policy Editor.
  • Inside the Local Group Policy Editor, use the left pane to navigate to the path below:
Computer ConfigurationAdministrative TemplatesWindows ComponentsBitLocker Drive EncryptionRemovable Data Drives
  • In the right pane of Removable Data Drives in Local Group Policy Editor, double-click/tap on the Control use of BitLocker on removable drives policy to edit its properties.
  • Set the radio button to Enabled.
  • Check or uncheck Allow users to apply BitLocker protection on removable data drives and Allow users to suspend and decrypt BitLocker on removable data drives per your requirement.
  • Click Apply > OK to save the changes and exit.

To disable, simply set the radio button to Not configured or Disabled option.

For Windows 10 Home users, you can add the Local Group Policy Editor feature and then carry out the instructions as provided above or you can do the registry method below.

2] Enable or disable use of BitLocker on Removable Data Drives via Registry Editor

Since this is a registry operation, it is recommended that you back up the registry or create a system restore point as necessary precautionary measures.

To enable use of BitLocker on Removable data Drives, do the following:

  • Press Windows key + R to invoke the Run dialog.
  • In the Run dialog box, type notepad and hit Enter to open Notepad.
  • Copy and paste the code below into the text editor.
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftFVE]
"RDVConfigureBDE"=-
"RDVAllowBDE"=-
"RDVDisableBDE"=-
  • Now, click the File option from the menu and select Save As button.
  • Choose a location (preferably desktop) where you want to save the file.
  • Enter a name with .reg extension (eg; Enable_BitLocker_on_RDD.reg).
  • Choose All Files from the Save as type drop-down list.
  • Double-click the saved .reg file to merge it.
  • If prompted, click on Run > Yes (UAC) > Yes > OK to approve the merge.
  • You can now delete the .reg file if you like.

To Specify use of BitLocker on Removable Data Drives, use the following code per your requirement:

Allow users to apply BitLocker protection on removable data drives:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftFVE]
"RDVConfigureBDE"=dword:00000001
"RDVAllowBDE"=dword:00000000
"RDVDisableBDE"=dword:00000000

Repeat the steps above but name the reg file as Allow_Users_to_Apply.reg.

OR

Allow users to suspend and decrypt BitLocker on removable data drives:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftFVE]
"RDVConfigureBDE"=dword:00000001
"RDVAllowBDE"=dword:00000000
"RDVDisableBDE"=dword:00000001

Repeat the steps above but name the reg file as Allow_Users_to_Suspend_Decrypt.reg.

To disable use of BitLocker on Removable data Drives, do the following:

  • Open Notepad.
  • Copy and paste the code below into the text editor.
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftFVE]
"RDVConfigureBDE"=dword:00000000
"RDVAllowBDE"=dword:00000000
"RDVDisableBDE"=dword:00000000
  • Now, click the File option from the menu and select Save As button.
  • Choose a location (preferably desktop) where you want to save the file.
  • Enter a name with .reg extension (eg; Disable_BitLocker_on_RDD.reg).
  • Choose All Files from the Save as type drop-down list.
  • Double-click the saved .reg file to merge it.
  • If prompted, click on Run > Yes (UAC) > Yes > OK to approve the merge.
  • You can now delete the .reg file if you like.

That’s it on how to enable or disable the use of BitLocker on Removable Data Drives in Windows 10!

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *