My previous post was about efficiency but at the same time about performance, or in short, efficient performance. One thing that escaped my notice though was the impact on performance on account of BitLocker. BitLocker is enabled by default in 24H2, something that escaped my attention when I reset my laptop to its cloud downloaded factory image.
It is probably not noticeable in daily use, apart from when doing huge file transfers or running synthetic benchmarks. There is no reason to be doing so in general, but I had one this past week when I purchased a new drive (Western Digital SN770) to accompany my primary drive – a Samsung 990 Pro. On paper, the 990 Pro should have been faster, but that wasn’t the case when running a benchmark.
Curiosity got the better of me, and thus began my quest to identify the cause. It didn’t take long though as soon after I installed the SN770, I decided to enable over provisioning on the 990 Pro as space was no longer as much of a constraint. Samsung’s Magician tool wouldn’t set up over provisioning by default, requiring me to use a third-party tool, in this case, the AOMEI Partition Assistant. It was at this point, I realised that I had BitLocker enabled on the drive and which could be the cause of the performance drop.
Indeed, that was the case as the 990 Pro handily beat the SN770 once BitLocker was disabled. The overhead, as seen in this post’s header image, was about 40% which is substantial. The 990 Pro supports hardware encryption, and that certainly wasn’t in use by default. Further analysis indicates that it just doesn’t support the algorithm versions required by BitLocker and thus is tricky to set up, if at all. Not wanting to take that hit in general, I decided that I needed only my personal data to be encrypted as against the full drive. To that end, I decided to use VeraCrypt to store my personal data.
My setup as it stands, has both drives unencrypted. However, all my personal data is synced to OneDrive which I have now set up on the VeraCrypt container. The privacy paranoid might choose to do things the other way around, as in have the VeraCrypt container saved on OneDrive instead, but is detrimental to the convenience of having files accessible across all platforms and having photos, video auto-upload from my iPhone.
Thus, if you happen to have Windows 11 installed recently, you need to keep in mind the impact that BitLocker has on performance, though most might not notice it in everyday use. It is mostly worth it for the security it provides, but it is not the only solution offering encryption for your files, which is where VeraCrypt works better for me, especially as I prefer to multi-boot using Ventoy. At the end, it is your choice to enable it or not, though in this instance it seems the decision was made for me by Microsoft without any intimation, thus requiring me to go with my own setup after the fact.
