diff --git a/lib/EAPBase/include/EAP.h b/lib/EAPBase/include/EAP.h
index c1319ef..fe9b52f 100644
--- a/lib/EAPBase/include/EAP.h
+++ b/lib/EAPBase/include/EAP.h
@@ -21,6 +21,10 @@
 #define IDR_EAP_KEY_PUBLIC 1
 #define IDR_EAP_KEY_PRIVATE 2
+#ifndef EAP_ENCRYPT_BLOBS
+#define EAP_ENCRYPT_BLOBS 1
+#endif
+
 #if !defined(RC_INVOKED) && !defined(MIDL_PASS)
 #include
diff --git a/lib/EAPBase/include/Module.h b/lib/EAPBase/include/Module.h
index 4f8f370..9d296ac 100644
--- a/lib/EAPBase/include/Module.h
+++ b/lib/EAPBase/include/Module.h
@@ -543,7 +543,7 @@ namespace eap
 _In_ DWORD dwDataInSize,
 _Out_ EAP_ERROR **ppEapError)
 {
-#if 1
+#if EAP_ENCRYPT_BLOBS
 // Prepare cryptographics provider.
 winstd::crypt_prov cp;
 if (!cp.create(NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)) {
@@ -590,7 +590,7 @@ namespace eap
 _Out_ DWORD *pdwDataOutSize,
 _Out_ EAP_ERROR **ppEapError)
 {
-#if 1
+#if EAP_ENCRYPT_BLOBS
 // Allocate BLOB.
 std::vector > data;
 data.resize(eapserial::get_pk_size(record));
diff --git a/lib/EAPBase/src/Module.cpp b/lib/EAPBase/src/Module.cpp
index e6ddacb..1d0aedd 100644
--- a/lib/EAPBase/src/Module.cpp
+++ b/lib/EAPBase/src/Module.cpp
@@ -93,8 +93,10 @@ BYTE* eap::module::alloc_memory(_In_ size_t size)
 void eap::module::free_memory(_In_ BYTE *ptr)
 {
+#if !EAP_ENCRYPT_BLOBS
 // Since we do security here and some of the BLOBs contain credentials, sanitize every memory block before freeing.
 SecureZeroMemory(ptr, HeapSize(m_heap, 0, ptr));
+#endif
 HeapFree(m_heap, 0, ptr);
 }
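Review bot: The new `EAP_ENCRYPT_BLOBS` switch in EAP.h has no comment, although it decides at build time whether BLOBs are encrypted and, via Module.cpp, whether freed memory is wiped. Someone overriding it from the build system cannot tell from the header what 0 gives up. I would put a line above the `#ifndef`, for example `// Set to 0 to build without BLOB encryption (memory is then sanitized on free instead); keep 1 for release builds.`, with the wording confirmed against the `#else` branches, which are outside the hunks shown.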
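Review bot: `#if EAP_ENCRYPT_BLOBS` in Module.h evaluates to 0 when the macro is undefined, so any translation unit that reaches this header without EAP.h first would compile the unencrypted path with no diagnostic. The same applies to the second hunk at -590. Whether Module.h already includes EAP.h is not visible here; if it does not, either include it or add a guard near the top of Module.h: `#ifndef EAP_ENCRYPT_BLOBS` / `#error EAP_ENCRYPT_BLOBS must be defined (include EAP.h first)` / `#endif`. Both functions start and end outside their hunks, so the `#else` branches could not be checked.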
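Review bot: Wrapping `SecureZeroMemory` in `#if !EAP_ENCRYPT_BLOBS` means the default build (macro = 1) no longer wipes anything in `free_memory`, which is only safe if every block from `m_heap` holds ciphertext. `free_memory` is a general deallocator, so any plaintext buffer obtained through `alloc_memory` would now stay readable in freed heap pages, and the hunk does not show that none exist. The encrypted BLOBs themselves appear to be protected by a key shipped as a module resource (`IDR_EAP_KEY_PRIVATE` in EAP.h), so ciphertext left in memory is only as confidential as that key. Zeroing is cheap, so I would drop the added `#if !EAP_ENCRYPT_BLOBS` / `#endif` pair and keep the wipe unconditional.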