Forum Discussion

Kashish_Goyal's avatar
Kashish_Goyal
Copper Contributor
Oct 10, 2023

Bitlocker encryption

Hi, 
We have enabled Bitlocker using Intune and used AES 256bit XTS. But when we run manage-bde -status it says the encryption method is XTS-AES 128. 

Any suggestions on this?

Is it a potential Bug or Am i missing something on my end?

Thanks

  • Harm_Veenstra's avatar
    Harm_Veenstra
    Oct 18, 2023
    Ok, but if you want the intune clients to also have 256Bit... Then you will have to decrypt them and encrypt them again to fix that
    • Harm_Veenstra's avatar
      Harm_Veenstra
      MVP
      You have to decrypt before you can switch to a higher encryption method.
    • Kashish_Goyal's avatar
      Kashish_Goyal
      Copper Contributor
      Hi Harm, Sorry for the delayed response. We encrypted the devices straight with AES 256bit XTS and never used 128 XTS.
      This was done using Endpoint Manager.
      Devices managed by Intune says 128Bit.
      Devices not managed by Intune says 256bit.
      • Harm_Veenstra's avatar
        Harm_Veenstra
        MVP
        Ok, but if you want the intune clients to also have 256Bit... Then you will have to decrypt them and encrypt them again to fix that

Resources