HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE

Configure use of hardware-based encryption for removable data drives
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RDVHardwareEncryption
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RDVAllowSoftwareEncryptionFailover
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RDVRestrictHardwareEncryptionAlgorithms
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RDVAllowedHardwareEncryptionAlgorithms
Enforce drive encryption type on removable data drives
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RDVEncryptionType
Configure use of smart cards on removable data drives
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RDVAllowUserCert
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RDVEnforceUserCert
Allow access to BitLocker-protected removable data drives from earlier versions of Windows
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RDVDiscoveryVolumeType
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RDVNoBitLockerToGoReader
Deny write access to removable drives not protected by BitLocker
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RDVDenyCrossOrg
Configure use of passwords for removable data drives
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RDVPassphrase
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RDVEnforcePassphrase
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RDVPassphraseComplexity
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RDVPassphraseLength
Control use of BitLocker on removable drives
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RDVConfigureBDE
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RDVAllowBDE
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RDVDisableBDE
Choose how BitLocker-protected removable drives can be recovered
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RDVRecovery
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RDVRecoveryPassword
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RDVRecoveryKey
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RDVManageDRA
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RDVHideRecoveryPage
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RDVActiveDirectoryBackup
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RDVRequireActiveDirectoryBackup
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RDVActiveDirectoryInfoToStore
Configure use of hardware-based encryption for fixed data drives
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\FDVHardwareEncryption
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\FDVAllowSoftwareEncryptionFailover
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\FDVRestrictHardwareEncryptionAlgorithms
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\FDVAllowedHardwareEncryptionAlgorithms
Enforce drive encryption type on fixed data drives
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\FDVEncryptionType
Configure use of smart cards on fixed data drives
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\FDVAllowUserCert
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\FDVEnforceUserCert
Allow access to BitLocker-protected fixed data drives from earlier versions of Windows
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\FDVDiscoveryVolumeType
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\FDVNoBitLockerToGoReader
Configure use of passwords for fixed data drives
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\FDVPassphrase
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\FDVEnforcePassphrase
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\FDVPassphraseComplexity
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\FDVPassphraseLength
Choose how BitLocker-protected fixed drives can be recovered
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\FDVRecovery
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\FDVRecoveryPassword
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\FDVRecoveryKey
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\FDVManageDRA
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\FDVHideRecoveryPage
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\FDVActiveDirectoryBackup
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\FDVRequireActiveDirectoryBackup
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\FDVActiveDirectoryInfoToStore
Allow Secure Boot for integrity validation
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\OSAllowSecureBootForIntegrity
Allow devices compliant with InstantGo or HSTI to opt out of pre-boot PIN.
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\OSEnablePreBootPinExceptionOnDECapableDevice
Enable use of BitLocker authentication requiring preboot keyboard input on slates
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\OSEnablePrebootInputProtectorsOnSlates
Configure use of hardware-based encryption for operating system drives
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\OSHardwareEncryption
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\OSAllowSoftwareEncryptionFailover
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\OSRestrictHardwareEncryptionAlgorithms
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\OSAllowedHardwareEncryptionAlgorithms
Configure minimum PIN length for startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\MinimumPIN
Allow network unlock at startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\OSManageNKP
Require additional authentication at startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\UseAdvancedStartup
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\EnableBDEWithNoTPM
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\UseTPMKey
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\UseTPMPIN
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\UseTPMKeyPIN
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\UseTPM
Require additional authentication at startup (Windows Server 2008 and Windows Vista)
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\EnableNonTPM
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\UsePartialEncryptionKey
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\UsePIN
Enforce drive encryption type on operating system drives
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\OSEncryptionType
Choose how BitLocker-protected operating system drives can be recovered
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\OSRecovery
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\OSManageDRA
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\OSRecoveryPassword
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\OSRecoveryKey
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\OSHideRecoveryPage
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\OSActiveDirectoryBackup
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\OSRequireActiveDirectoryBackup
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\OSActiveDirectoryInfoToStore
Use enhanced Boot Configuration Data validation profile
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\OSUseEnhancedBcdProfile
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\OSBcdAdditionalSecurityCriticalSettings
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\OSBcdAdditionalExcludedSettings
Validate smart card certificate usage rule compliance
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\CertificateOID
Provide the unique identifiers for your organization
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\IdentificationField
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\IdentificationFieldString
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\SecondaryIdentificationField
Disallow standard users from changing the PIN or password
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\DisallowStandardUserPINReset
Reset platform validation data after BitLocker recovery
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\TPMAutoReseal
Configure use of passwords for operating system drives
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\OSPassphrase
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\OSPassphraseComplexity
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\OSPassphraseLength
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\OSPassphraseASCIIOnly
Allow enhanced PINs for startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\UseEnhancedPin
Configure pre-boot recovery message and URL
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RecoveryKeyMessageSource
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RecoveryKeyMessage
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RecoveryKeyUrl
Disable new DMA devices when this computer is locked
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\DisableExternalDMAUnderLock
Prevent memory overwrite on restart
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\MorBehavior
Choose drive encryption method and cipher strength (Windows 10 [Version 1511] and later)
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\EncryptionMethodWithXtsOs
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\EncryptionMethodWithXtsFdv
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\EncryptionMethodWithXtsRdv
Choose drive encryption method and cipher strength (Windows 8, Windows Server 2012, Windows 8.1, Windows Server 2012 R2, Windows 10 [Version 1507])
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\EncryptionMethodNoDiffuser
Choose drive encryption method and cipher strength (Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2)
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\EncryptionMethod
Choose default folder for recovery password
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\DefaultRecoveryFolderPath
Choose how users can recover BitLocker-protected drives (Windows Server 2008 and Windows Vista)
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\UseRecoveryPassword
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\UseRecoveryDrive
Store BitLocker recovery information in Active Directory Domain Services (Windows Server 2008 and Windows Vista)
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\ActiveDirectoryBackup
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RequireActiveDirectoryBackup
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\ActiveDirectoryInfoToStore
Use enhanced Boot Configuration Data validation profile
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\OSUseEnhancedBcdProfile
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\OSBcdAdditionalSecurityCriticalSettings
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\OSBcdAdditionalExcludedSettings
Reset platform validation data after BitLocker recovery
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\TPMAutoReseal
Configure use of passwords for operating system drives
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\OSPassphrase
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\OSPassphraseComplexity
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\OSPassphraseLength
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\OSPassphraseASCIIOnly
Allow enhanced PINs for startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\UseEnhancedPin
Operating system drive encryption settings
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\EnableBDEWithNoTPM
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\DisallowStandardUserPINReset
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\UsePartialEncryptionKey
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\UsePIN
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\UseAdvancedStartup
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\UseTPM
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\UseTPMKey
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\UseTPMPIN
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\UseTPMKeyPIN
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\MinimumPIN
Choose how BitLocker-protected removable drives can be recovered
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RDVRecovery
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RDVManageDRA
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RDVRecoveryPassword
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RDVRecoveryKey
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RDVHideRecoveryPage
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RDVActiveDirectoryBackup
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RDVActiveDirectoryInfoToStore
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RDVRequireActiveDirectoryBackup
Configure use of passwords for removable data drives
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RDVPassphrase
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RDVEnforcePassphrase
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RDVPassphraseComplexity
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RDVPassphraseLength
Allow access to BitLocker-protected removable data drives from earlier versions of Windows
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RDVDiscoveryVolumeType
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RDVNoBitLockerToGoReader
Deny write access to removable drives not protected by BitLocker
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RDVDenyCrossOrg
Control use of BitLocker on removable drives
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RDVConfigureBDE
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RDVAllowBDE
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RDVDisableBDE
Choose how BitLocker-protected fixed drives can be recovered
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\FDVRecovery
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\FDVManageDRA
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\FDVHideRecoveryPage
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\FDVActiveDirectoryBackup
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\FDVActiveDirectoryInfoToStore
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\FDVRequireActiveDirectoryBackup
Configure use of passwords for fixed data drives
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\FDVPassphrase
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\FDVEnforcePassphrase
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\FDVPassphraseComplexity
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\FDVPassphraseLength
Allow access to BitLocker-protected fixed data drives from earlier versions of Windows
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\FDVDiscoveryVolumeType
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\FDVNoBitLockerToGoReader
Configure pre-boot recovery message and URL
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RecoveryKeyMessageSource
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RecoveryKeyMessage
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\RecoveryKeyUrl
Choose how BitLocker-protected operating system drives can be recovered
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\OSRecovery
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\OSManageDRA
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\OSHideRecoveryPage
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\OSActiveDirectoryBackup
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\OSActiveDirectoryInfoToStore
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\OSRequireActiveDirectoryBackup
Choose drive encryption method and cipher strength (Windows 10 [Version 1511] and later)
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\EncryptionMethodWithXtsOs
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\EncryptionMethodWithXtsFdv
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\EncryptionMethodWithXtsRdv
Choose drive encryption method and cipher strength.
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\EncryptionMethod
Provide the unique identifiers for your organization
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\IdentificationField
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\IdentificationFieldString
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\SecondaryIdentificationField
Validate smart card certificate usage rule compliance
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\CertificateOID
Prevent memory overwrite on restart
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\MorBehavior