BitLocker Drive Encryption · Windows 11 25H2 policy catalog · Policy selection

Subcategories

Drill down to reach more specific policy areas.

Fixed Data Drives

7 policies · 0 subcategories · 7 total

Operating System Drives

19 policies · 0 subcategories · 19 total

Removable Data Drives

8 policies · 0 subcategories · 8 total

Policies in this category

Select a policy to view full details.

Computer
Choose default folder for recovery password
At least Windows Vista
Computer
Choose drive encryption method and cipher strength (Windows 10 [Version 1511] and later)
At least Windows Server 2016, Windows 10
Computer
Choose drive encryption method and cipher strength (Windows 8, Windows Server 2012, Windows 8.1, Windows Server 2012 R2, Windows 10 [Version 1507])
At least Windows Server 2012, Windows 8 or Windows RT
Computer
Choose drive encryption method and cipher strength (Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2)
Windows Server 2008, Windows 7, and Windows Vista
Computer
Choose how users can recover BitLocker-protected drives (Windows Server 2008 and Windows Vista)
Windows Server 2008 and Windows Vista
Computer
Disable new DMA devices when this computer is locked
At least Windows Server 2016, Windows 10 Version 1703
Computer
Prevent memory overwrite on restart
Windows Server 2012 R2, Windows 8.1, Windows Server 2012, Windows 8, Windows Server 2008, Windows 7, and Windows Vista
Computer
Provide the unique identifiers for your organization
At least Windows Server 2008 R2 or Windows 7
Computer
Store BitLocker recovery information in Active Directory Domain Services (Windows Server 2008 and Windows Vista)
Windows Server 2008 and Windows Vista
Computer
Validate smart card certificate usage rule compliance
At least Windows Server 2008 R2 or Windows 7