Windows 10 comes with a full disk encryption feature called "BitLocker". It is bundled with the operating system by default, however, the disk encryption has to be enabled explicitly by the user. Even if you are not using BitLocker, its context menu options are always visible in the drive's context menu in File Explorer. Here is how to hide BitLocker-related context menu entries.
BitLocker was first introduced in Windows Vista and still exists in Windows 10. It was implemented exclusively for Windows and has no official support in alternative operating systems. BitLocker can utilize your PC's Trusted Platform Module (TPM) to store its encryption key secrets. In modern versions of Windows such as Windows 8.1 and Windows 10, BitLocker supports hardware-accelerated encryption if certain requirements are met (the drive has to support it, Secure Boot must be on and many other requirements). Without hardware encryption, BitLocker switches to software-based encryption so there is a dip in your drive's performance. This is the primary reason most people do not use BitLocker.
If you find no use for this feature, it might be annoying to see its context menu items. Even if you are a BitLocker user, you may want to hide it from the drive's context menu, since it is also accessible from the Control Panel. Removing BitLocker-related context menu items can be done with a simple Registry tweak.
How to remove BitLocker from context menu in Windows 10
All BitLocker-related context menu commands are represented by the following Registry keys:
HKEY_CLASSES_ROOT\Drive\shell\change-passphrase HKEY_CLASSES_ROOT\Drive\shell\change-pin HKEY_CLASSES_ROOT\Drive\shell\encrypt-bde HKEY_CLASSES_ROOT\Drive\shell\encrypt-bde-elev HKEY_CLASSES_ROOT\Drive\shell\manage-bde HKEY_CLASSES_ROOT\Drive\shell\resume-bde HKEY_CLASSES_ROOT\Drive\shell\resume-bde-elev HKEY_CLASSES_ROOT\Drive\shell\unlock-bde
For example, when BitLocker is not enabled, the command "Turn on BitLocker" is visible in the drive's context menu:
To disable it, you need to do the following.
- Open Registry Editor.
- Go to the following Registry key:
HKEY_CLASSES_ROOT\Drive\shell\encrypt-bde
Tip: you can quickly open the Registry editor app at the desired key. See the following article: How to jump to the desired registry key with one click.
- Here, create a new string value called ProgrammaticAccessOnly. Don't set any value data, just leave it empty.
- Now, go to the following key:
HKEY_CLASSES_ROOT\Drive\shell\encrypt-bde-elev
Similarly as above, create a string value ProgrammaticAccessOnly with empty value data.
The result will be as follows:
The command Turn on BitLocker becomes invisible.
ProgrammaticAccessOnly does the main trick. It is a special parameter which tells the Windows Explorer shell that the context menu item can only be accessed by software programmatically. The user interface gets locked down, so the command disappears from the context menu!
Repeat the instructions above for all BitLocker-related commands that you want to hide from the context menu.
To save your time, I prepared ready-to-use Registry files which you can download here:
The undo file is included. By default, the tweak disables all context menu commands related to BitLocker, so you might want to edit it first before applying.
Alternatively, you can use Winaero Tweaker. See the following screenshot:
That's it.
Did you use BitLocker? Have you found it useful or did you never bother to use it? Tell us in the comments.
Support us
Winaero greatly relies on your support. You can help the site keep bringing you interesting and useful content and software by using these options:
Hi Sergey, thanks for this. I will wait for this to added to winareo. :) Many thanks in advance.
Hi Shyam
Thanks for kind words.
I will add it.
I cannot find any documentation concerning the string value “ProgrammaticAccessOnly”. Do you have a link?
To deactivate context menu functions like Bitlocker I normally use ShellMenuView which inserts a “LegacyDisable”. I do not understand what the advantage of ProgrammaticAccessOnly is compared to LegacyDisable.
ProgrammaticAccessOnly is a special value that hides a context menu entry, but programs can access it if required. This is very useful!
I feel no difference from LegacyDisable, they serve the identical purpose.
But how can a program “access a context menu”? Do you have an example? Of course, the key in the registry could be accessed by every program, if a value like ProgrammaticAccessOnly or LegacyDisable exists or not.
From which documentation is your quote? Did not find it.
BTW I did not receive any notifications by email that you answered my last comment. Or isn’t there such a function on your blog?
Sorry, the blog doesn’t have this feature.
I learned about this parameter from a Russian book, I know it since Windows Vista.
It was a book about Registry internals.
I can find the name of the book and its author if you are interested.
But it is not available in English, I am sure 100%.
Thanks for the offer, but I was only curious if there exist anything in the internet. Nevertheless I would prefer to use LegacyDisable because in this way other tools like ShellMenuExt will display the deactivated entries properly.
But its really sad that this blog does not support a notification on comments. I thought this is standard in nearly every blog…
BTW Another improvement could be to display the date when a comment is written. At the moment it’s not possible to decide if a comment is really “deprecated”. At least this should be possible…?
And I suggest to display the date of publishing a blog posting at the top of the article and not somewhere below the whole text. It’s difficult to navigate in this blog, and this would make the whole thing a little bit easier.
…no, I meant your quotation regarding LegacyDisable. I did not find the quotated italic text.
Ah. MSDN.
See ” Registering Verbs for Backward Compatibility”.
Ok, thanks for the link. It’s an archived doc, so it cannot be found through the MSN search…!
yep, it took 15 mins for me to find it.