CUMC Home | Columbia University | Jobs at CUMC | Contact CUMC | Find People
For support: call extension 5-Help (212-305-4357) or email us
Student Computing

Checking the BitLocker Encryption Strength

IMPORTANT: BitLocker on workforce computers must be set up by the department or division's Certified IT Group. Do not use student instructions or the computer will not be complying with University Policy and CUMC Information Security Procedures. Instructions for students are provided as a courtesy only.

By default, BitLocker uses an encryption method called AES-128, which does not meet the University encryption requirement minimum of a 256 bit cipher key. These instructions will help you look up a computer's current BitLocker encryption method.

View BitLocker Drive Encryption Settings
  1. Login to the computer using an account with Administrative rights.
  2. Open the command prompt:
    • Windows 10 - right-click on the Start button in the lower left, then select Command Prompt (Admin) from the menu that appears. Click Yes if a User Account Control window opens.
    • Windows 8.1 - enter Apps and find the Command Prompt under the Windows System heading in the list of Apps
    • Windows 7 - click the Start button in the lower left and open All Programs - Accessories - Command Prompt
  3. Type manage-bde -status and hit the Enter key.
  4. See what is listed in the Encryption Method field.
  5. BitLocker Encryption Method View
  6. Type exit at the prompt and hit enter or click the upper right hand corner to close the command window when done.
If AES-256 (or XTS-AES 256) is not listed the computer will need to be completely decrypted, then have BitLocker settings changed to use AES-256 and running full disk encryption.

| TOP |

Last updated 10/10/2018