2

I have bought a 2 TB crucial MX500 SSD drive, and just installed it on a Windows 7 x64 machine, motherboard Gigabyte EP45-DS5 as a data drive.

Using the crucial Storage Executive software, I can see on the PSID Revert menu that the PSID revert cannot be triggered for the SSD drive and can read that the encryption is not supported on it. For the second drive (the system one, a standard HDD disk), I can read that that the command is not supported (not same words for the 2 disks).

and "The PSID recovery operation will be available when the disk meets all of the following conditions:

  • Encryption is active on the disk. <-- the problem
  • The disk does not contain any mounted partitions. <-- OK
  • The disk is not connected to a RAID controller. <-- OK
  • The disc is not a boot disc. <-- OK"

I have tried to create a partition, mount it, format it. Nothing helps me to have the encrypt mecanism active. I found nothing on the Crucial site (nor anywhere else) that helps me. Not a single word. The encryptions seems to be activated by default, with nothing to do to deal with it. I don't understand.

How can I know if the encrypt mecanism is active or not ? And how can I activate it or be sure to permanently deactivate it ?

Before writing tons of datas on that disk...

Giacomo1968
  • 58,727
Oliver
  • 285
  • 1
  • 6
  • 14

2 Answers2

0

After doing some research and testing with a Crucial M500 I have, it appears that if the label includes a PSID then it is encrypted from the factory. If you perform a PSID reset, then the encryption is permanently deactivated. I have not contacted support regarding this, but after issuing the PSID reset, I now get an error stating that encryption is not supported on the drive.

Therefore, if you want to permanently deactivate the built-in encryption, I recommend issuing a PSID reset command from Crucial's Storage Executive tool. Note that this will make all existing data on the drive unreadable and will appear as a clean drive after the process completes.

Jared
  • 17
  • 1
0

Crucial’s MX500 has an “always ready” approach to hardware encryption but to revert it the drive must not be online or have any active partitions. It cannot be your boot drive either. So to reset your drive and put it back into service with hardware encryption:

  1. Create and boot from a Windows To Go thumb drive. (Use Rufus and your choice of ISO) Boot from the thumb drive.

  2. Install Micron Storage Executive or Crucial Storage Executive after logging into your Win2Go drive. Close the software after install.

  3. Open Disk Manager. Right click on the drive in the bottom section and set it “Offline”. Keep disk Manager open.

  4. Open Storage Executive and select the PSID Revert tab on the left. Input the PSID and allow the process to finish. Close Storage Executive.

  5. Mark the drive as “Online” in Disk Manager. Close Disk Manager.

  6. Open an elevated Command Prompt and start ‘diskpart’.

    List disk ⇒ Select disk x ⇒ Clean ⇒ Do not initialize the disk.

  7. Shutdown the system. The drive is now reset to out of box factory state. The drive is ready to be reused WITH hardware encryption in a ready to enable state.

  8. If you intend to use the drive elsewhere stop here. You’ve factory reset it.

  9. If you intend to reinstall Windows immediately then after it’s installed and you're logged in, open an elevated command prompt to issue

    manage-bde -on C: -fet hardware

    It will take a few seconds, but the output will confirm the system needs to be reset to finish enabling encryption. It's worth noting that you can use Group Policy to restrict BitLocker to hardware only and disallow fallback to software encryption. -fet is the argument for “Force Encryption Type” which we've set to hardware.

  10. After the system reboots open an elevated command prompt and check using

    manage-bde -status C:

    If you get hardware encryption then add a numerical protector (the long string of numbers used to recover the drive).

    manage-bde -protectors -add -rp C:

    You can now use BitLocker to upload your recovery key to Microsoft or Save/Print it for local storage.

Clcmh
  • 9