Category filter

Script to disable BitLocker on Windows

BitLocker is a security feature built-in into the Windows operating system to enforce encryption on system drives, fixed data drives, and removable drives for data protection. If you no longer need BitLocker encryption for the drives, you can easily disable it via the Control Panel, Windows PowerShell, Command Prompt or other third-party apps.

Using Hexnode’s scripting feature, you can execute the Batch/PowerShell scripts provided below to remotely disable BitLocker encryption for a drive on your Windows devices.


You must first unlock the BitLocker encrypted drive before you can disable BitLocker encryption using these scripts.


The Sample Scripts provided below are adapted from third-party Open-Source sites.

Batch Script to Disable BitLocker

Replace ‘X’ with the actual drive letter of the encrypted volume. For example, the following command will disable BitLocker encryption for drive ‘C’:

manage-bde -off C:

The BitLocker decryption process will begin soon after you successfully execute this batch script. You can check the BitLocker status by running the command below:

If the ‘Percentage Encrypted’ is displayed as 0.0%, the decryption process has been completed.

PowerShell Scripts to Disable BitLocker

Disable BitLocker for a drive

Replace ‘X’ with the actual drive letter for which you need to disable BitLocker encryption.

Disable BitLocker for all drives

This PowerShell script will disable BitLocker encryption for all the encrypted drives on the Windows device.


  • It is recommended to manually validate the script execution on a system before executing the action in bulk.
  • Hexnode will not be responsible for any damage/loss to the system on the behavior of the script.

  • Sample Script Repository