Windows 10 Gets the New XTS-AES Bitlocker Encryption

BitLocker Drive is one of the most useful integrated Windows 10 security features, it is used to protect your data from various security threats like leaking and getting stolen. And Windows 10 Fall Update got some improvements for it, as well. Namely, with the last update, Microsoft brought support for XTS-AES encryption algorithm to BitLocker.

Bitlocker supports both 128-bit and 256-bit XTS-AES keys, but you have to know that it’s not compatible with older versions of Windows. After the update, BitLocker for Windows 10 now allows users to recover their device with Azure directory, provides DMA port protection, and New Group Policy fore configuring pre-boot recovery. Here are some more details about these additions:

• Encrypt and recover your device with Azure Active Directory – Additionally to using a Microsoft Account, automatic Device Encryption allows you to encrypt all your devices that are the part of an an Azure Active Directory domain. So, when the device is encrypted, the BitLocker recovery key will be automatically be saved to Azure Active Directory. This will make it easier to recover your BitLocker key online.
• DMA port protection – You can now take the advantage of the DataProtection/AllowDirectMemoryAccess MDM policy to block DMA ports when on the boot of your computer. Also, when a device is locked, all unused DMA ports will be turned off, but devices that are already plugged into a DMA port will continue to work.
• New Group Policy for configuring pre-boot recovery – You can now configure the pre-boot recovery message and recover URL that is shown on the pre-boot recovery screen. For more info, see the “Configure pre-boot recovery message and URL” section in BitLocker Group Policy settings.

If you don’t have Bitlocker activated on your computer, you should definitely consider turning it on, because it is very useful feature, and it will surely improve the security of your system.