Why is "Reasons for failed automatic device encryption: Hardware Security Test Interface failed" being shown in msinfo32.exe?
The full message is:
Reasons for failed automatic device encryption: Hardware Security Test Interface failed and device is not Modern Standby, Un-allowed DMA capable bus/device(s) detected
It is shown under the Device encryption support field in msinfo32.exe.
What does this mean? How can I enable "automatic device encryption"?
Security features in my PC:
- Secure Boot: Enabled
- Core Isolation: Enabled
- Memory Integrity: Enabled
- BitLocker: Disabled
- TPM is present in my PC
My answer is based on the assumption that your version is Windows Home. I have highlighted below some important parts of the message:
Reasons for failed automatic device encryption: Hardware Security Test Interface failed and the device is not Modern Standby, TPM is not usable.
This message arrives when device encryption is unavailable in Control Panel.
It is only shown in msinfo32.exe
as the reason for this missing option.
The situation is that the TPM is usable and would work with Bitlocker, but not with device encryption.
The important part here is the word "automatic". Microsoft is saying that it would have enabled device encryption automatically if all the requirements were fulfilled and the login was with a Microsoft account. In this case, the all-important recovery key would be saved to your OneDrive cloud storage for future recovery.
A Windows Pro user would not be required to back up his key to the cloud, nor to have a device with certain capabilities, as Bitlocker will work without it. He could even choose to use a password instead of the TPM (which Microsoft frowns upon as an unsafe practice).
Microsoft is here protecting Windows Home users, supposedly acting in their best interest by not enabling disk encryption automatically. Home users are assumed to not know enough about disk encryption, so this keeps them from unknowingly using encryption and possibly locking themselves out of their computer in the future, even rendering their data inaccessible.
In short, this is a warning that you can ignore if you don't intend to encrypt your disk.
For more information see the articles:
- Difference Between Device Encryption and BitLocker Device Encryption on Windows 10
- How to use Bitlocker on Windows 10 Home