
Report showing BitLocker Encryption Method (SSD encryption issue)

ldockery
Engaged Sweeper II
Depending on the encryption method (hardware vs. software), BitLocker encryption of SSDs can be bypassed. One example is that if you turn on BitLocker, it will request the SSD to encrypt itself - which it does to the password "" (blank!).

You can tell if a system is potentially impacted by the result of a manage-bde -status command (or equivalent WMI which I don't have at this time). If the Encryption Method shows "AES", it is software based and you are safe. If it shows "hardware" then depending on the SSD manufacturer, you may be impacted.


Looking for a report that returns "Encryption Method" of BitLocker so I can make absolutely sure that my devices aren't encrypted to a blank password that may be trivially bypassed.

Edit: Found the WMI:
Win32_EncryptableVolume.EncryptionMethod in root\cimv2\security\MicrosoftVolumeEncryption is a numeric representation of this data. The lookup is here: https://docs.microsoft.com/en-us/windows/desktop/secprov/getencryptionmethod-win32-encryptablevolume
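
An added example, not part of the original post: a PowerShell sketch that turns the numeric Win32_EncryptableVolume.EncryptionMethod value into a per-volume report and flags hardware encryption for review. The function name Get-EncryptionMethodReport, the NeedsReview column and the sample machines are assumptions made for illustration; the value names follow the Microsoft lookup linked above.

```powershell
# Names for Win32_EncryptableVolume.EncryptionMethod values.
# Keys are strings so the lookup works whatever integer type WMI returns.
$MethodNames = @{
    '0' = 'None'
    '1' = 'AES_128_WITH_DIFFUSER'
    '2' = 'AES_256_WITH_DIFFUSER'
    '3' = 'AES_128'
    '4' = 'AES_256'
    '5' = 'HARDWARE_ENCRYPTION'
    '6' = 'XTS_AES_128'
    '7' = 'XTS_AES_256'
}

# Hypothetical helper: accepts volume objects from the pipeline and reports the method.
function Get-EncryptionMethodReport {
    [CmdletBinding()]
    param([Parameter(Mandatory, ValueFromPipeline)] $Volume)
    process {
        $code = "$($Volume.EncryptionMethod)"
        $name = $MethodNames[$code]
        if (-not $name) { $name = "Unknown ($code)" }
        $computer = $Volume.PSComputerName
        if (-not $computer) { $computer = $env:COMPUTERNAME }   # local query has no PSComputerName
        [pscustomobject]@{
            Computer    = $computer
            Drive       = $Volume.DriveLetter
            Method      = $name
            Protection  = $Volume.ProtectionStatus   # 0 = off, 1 = on, 2 = unknown
            NeedsReview = ($code -eq '5')            # hardware encryption: check the SSD vendor
        }
    }
}

# Constructed sample objects (not real scan data) so the function can be tried offline.
$sample = @(
    [pscustomobject]@{ PSComputerName = 'PC-EXAMPLE-01'; DriveLetter = 'C:'; EncryptionMethod = 7; ProtectionStatus = 1 }
    [pscustomobject]@{ PSComputerName = 'PC-EXAMPLE-02'; DriveLetter = 'C:'; EncryptionMethod = 5; ProtectionStatus = 1 }
    [pscustomobject]@{ PSComputerName = 'PC-EXAMPLE-03'; DriveLetter = 'C:'; EncryptionMethod = 0; ProtectionStatus = 0 }
)
$sample | Get-EncryptionMethodReport | Format-Table -AutoSize

# Live query from an elevated prompt, using the namespace and class named in the post:
# Get-CimInstance -Namespace 'root\cimv2\Security\MicrosoftVolumeEncryption' `
#     -ClassName Win32_EncryptableVolume | Get-EncryptionMethodReport
```

In the sample output only PC-EXAMPLE-02 has NeedsReview set to True, which corresponds to the "hardware" case described in the post.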
3 REPLIES

elKastr0nom
Engaged Sweeper II
Looking for an update on this outdated post. 🙂

Glennmdh
Engaged Sweeper II
Is there any update to a report that shows the encryption method yet?

ABECU
Engaged Sweeper III
Yes, this scan needs to be possible ASAP based on impact. Thanks!