→ Having trouble accessing our new support portal or creating a ticket? Please notify our team here

Showing results for 
Show  only  | Search instead for 
Did you mean: 
Engaged Sweeper II
Depending on the encryption method (hardware vs. software) Bitlocker encryption of SSD's can be bypassed. One example is that if you turn on Bitlocker, it will request the SSD to encrypt itself - which it does to the password "" (blank!).

You can tell if a system is potentially impacted by the result of a manage-bde -status command (or equivalent WMI which I don't have at this time). If the Encryption Method shows "AES", it is software based and you are safe. If it shows "hardware" then depending on the SSD manufacturer, you may be impacted.

Looking for a report that returns "Encryption Method" of Bitlocker so I can make absolutely sure that my devices aren't encrypted to a blank password that may be trivially bypassed.

Edit: Found the WMI:
Win32_EncryptableVolume.EncryptionMethod in root\cimv2\security\MicrosoftVolumeEncryption is a numeric representation of this data. The lookup is here: https://docs.microsoft.com/en-us/windows/desktop/secprov/getencryptionmethod-win32-encryptablevolume
Engaged Sweeper II
Looking for an update, on this outdated post. 🙂
Engaged Sweeper II
Is there any update to a report that shows the encryption method yet?
Engaged Sweeper III
Yes, this scan needs to be possible ASAP based on impact. Thanks!