AMD Motherboards - NVMe SSD hardware encryption support for BitLocker

Print Page | Close Window

NVMe SSD hardware encryption support for BitLocker

Printed From: ASRock.com
Category: Technical Support
Forum Name: AMD Motherboards
Forum Description: Question about ASRock AMD motherboards
URL: https://forum.asrock.com/forum_posts.asp?TID=12732
Printed Date: 02 Aug 2025 at 5:15am
Software Version: Web Wiz Forums 12.04 - http://www.webwizforums.com

Topic: NVMe SSD hardware encryption support for BitLocker

Posted By: Ultranium
Subject: NVMe SSD hardware encryption support for BitLocker
Date Posted: 25 Oct 2019 at 3:42am

Hi.

Recently I got a new rig with a X570 Taichi motherboard, BIOS ver. 2.11.

I have a Samsung 970 EVO Plus 2TB NVMe drive and I'd like to enable hardware accelerated BitLocker encryption for it.

The drive itself supports it, but the BitLocker wizard either offers to me to use software encryption or, if I force it to use hardware encryption via Group Policy, tells me that the hardware encryption is not available.

I don't have TPM in my system, but I activated the "Allow BitLocker without a compatible TPM" option in Group Policy editor, so it shouldn't be a problem.

A also enabled Encrypted Drive in Samsung Magician and made a secure erase prior to Windows installation, enabled Secure boot, disabled CSM, so all the conditions for BitLocker hardware acceleration are met but it doesn't work anyway.

I googled for this problem and found this thread on official Samsung Forum - https://us.community.samsung.com/t5/Monitors-and-Memory/970-Pro-M2-cannot-do-hardware-encrypt/td-p/330809 , where people had same problem and it was resolved for them by BIOS update.

So, my question is - Is there anything else I can do to enable BitLocker with hardware encryption on my NVMe drive? Are there any extra steps needed for X570 Taichi to enable it or maybe it will be fixed in following BIOS updates?

I use my rig as a workstation and I need my drive encrypted. I don't want to use software encryption, because it decreases disk performance, especially in random IOPS.

I also tried to use HDD password option (Class 0 encryption) for this drive and it worked, but the implementation of this feature on X570 Taichi is terrible - when I type in my password with my normal typing rate to unlock the drive, some of characters are skipping - for 16 entered characters I get only 13-15 asterisks in the input field, so if I press Enter it says "Invalid password". I need to type very slowly, 1 characters per second or even slower, to make it accept the password, this is ridiculous.

Moreover, the BIOS asks passwords for each drive in the system, even if all of them use the same passphrase. For example, Dell machines I used before required me to type in password only once in this case.