Depending on the encryption method (hardware vs. software) Bitlocker encryption of SSD's can be bypassed. One example is that if you turn on Bitlocker, it will request the SSD to encrypt itself - which it does to the password "" (blank!).

You can tell if a system is potentially impacted by the result of a manage-bde -status command (or equivalent WMI which I don't have at this time). If the Encryption Method shows "AES", it is software based and you are safe. If it shows "hardware" then depending on the SSD manufacturer, you may be impacted.


Looking for a report that returns "Encryption Method" of Bitlocker so I can make absolutely sure that my devices aren't encrypted to a blank password that may be trivially bypassed.

Edit: Found the WMI:
Win32_EncryptableVolume.EncryptionMethod in root\cimv2\security\MicrosoftVolumeEncryption is a numeric representation of this data. The lookup is here: https://docs.microsoft.com/en-us/windows/desktop/secprov/getencryptionmethod-win32-encryptablevolume