Settings for enforced encryption

The default enforced encryption rule is always available. If required, you can create additional rules for specific logged on users, groups, computers or networks. See the Use cases for more information.

When editing the first encryption rule, a description is already entered on the General tab. Add a comment and your own text, which is displayed in the user selection dialog.

On the Settings tab you can use the default settings or select the following options:

• Use administrative password. Don’t prompt user: If you enable this option, the storage device will be encrypted with the administrative password only. Users are not prompted to enter their own password during encryption.
• Prompt user for encryption password: This setting prompts the user for their own password.

• Attempt to mount using administrative password first: Initially, the user is not asked for their own password. The user will only be prompted for their own password if DriveLock cannot load the storage device automatically, for example, when the administrative password does not match.

  Note that this option only works if you have specified an administrative password in the Encrypted drive recovery section.

• Encryption: Select the appropriate encryption method. Please note the following:

  • The default option is AES (256 bit key length).
  • Select AES (128 bit key length) if compatibility with older systems is critical for you.
  • AES-XTS (128 or 256 bit key length) encryption methods are only available for Windows 10 1511 and higher. Drives encrypted with XTS AES cannot be accessed on older versions of Windows.