What’s new in BitLocker

Windows 11 now supports hardware accelerated BitLocker, where encryption and decryption are handled by crypto engines inside modern SoCs instead of the main CPU.

BitLocker still provides full disk encryption, but the actual cryptographic operations are now done more efficiently and with hardware protected keys on capable systems.

Software BitLocker can noticeably slow fast NVMe SSDs, especially in gaming and video editing, because every I/O goes through CPU-driven encryption.

With hardware acceleration, Microsoft reports up to about 70% fewer CPU cycles per I/O and storage performance that can come close to an unencrypted NVMe drive in common workloads.

Hardware accelerated BitLocker is available on Windows 11 24H2 (with the September 2025 updates) and built into Windows 11 25H2, but it only kicks in on supported hardware. Initial support targets Intel vPro systems with upcoming Intel Core Ultra Series 3 “Panther Lake” processors and NVMe storage, with more SoC vendors expected over time.

To check if your system is using the new mode, open an elevated Command Prompt or PowerShell window and run manage-bde -status.

Under “Encryption Method,” look for XTS-AES-256 with a note that it is “hardware accelerated”; if that line is missing, your device is either unsupported or falling back to software BitLocker due to policy, algorithm, or FIPS constraints.