I have a Framework 13 running Win11 Home 22H2. In the “Device encryption settings” control panel, the “Device encryption” option is set to On. However, if I click on “BitLocker drive encryption” it opens a Store page trying to upsell me to Win11 Pro. Does this mean that my drive is not encrypted with BitLocker currently? What is the purpose of “Device encryption” if BitLocker is unavailable?
My goal is to swap a new M.2 2280 SSD in to the laptop to increase capacity, and I want to clone the existing SSD using dd in order to preserve my install. I’m just not sure if I can dd this disk with “Device encryption” on, even though it doesn’t seem like I have access to the BitLocker functionality.
Thanks for your time!
Windows 11 introduced a feature called Device Encryption which is separate from BitLocker. DE protects system files, while BitLocker protects your entire Windows partition (system and personal). BitLocker requires a Pro license, while DE does not.
I’d refrain from
dd on any windows partition, uuid match with a drive mismatch is certain to cause issues, especially with how Windows handles the TPM. Best case your windows license needs reactivation; worst case recovery triggers and corrupts your install. With BitLocker it would probably be guaranteed to cause issues by way of an un-decryptable drive, so it’s not as guaranteed to fail with only DE, but the risk is there.
I’d install fresh on the new drive and then use Windows
robocopy to get your files from one to the other.
Thanks for the clarification. I’ll swap drives and do a fresh install. Thanks!