How to Enable or Disable Bitlocker Encryption in Windows – Tom’s Hardware

admin on August 1, 2023 Leave a Comment

Bitlocker is a feature of certain versions of Windows that encrypts your hard drives contents. Without the right decryption key, its virtually impossible to crack this protection. So, even if someone were to physically open your PC, take your internal drive out and attach it to another computer, they could not read the data without that key. If its your drive and you lost the encryption key, see our article on how to find a BitLocker key.

Only some computers and some editions of Microsoft Windows can use the BitLocker feature. If youre using any of the Home versions of Windows, youre out of luck. Only Pro, Enterprise, and Education licenses are eligible.

There are some hardware requirements too, such as having a TPM 1.2 or better (Trusted Platform Module) chip in your system. If your computer does not have the required TPM, youll have to use a USB drive that will be formatted with your encryption key to start up and run the computer. Your C drive must also be set as your first boot device, and not (for example) your USB or optical drives.

Dont worry too much about the requirements, since if your computer isnt ready for BitLocker, you wont find the option to enable it. If youre worried about the possibility that you could lose your files if you encrypt with BitLocker, first read our guide on how to find a BitLocker key and recover files from encrypted drives.

With that said, let's look at how to turn BitLocker on.

Assuming that your computer complies with the requirements, heres how to activate BitLocker on your Windows PC. Were using Windows 11 here, but the same steps apply to Windows 10:

1. Sign into Windows with an Administrator account. If this is your personal computer and youre the only user, youre most likely already the administrator. If not, youll have to ask the administrator to activate BitLocker for you. On a work computer, this is almost certainly someone from the IT department.

2. Open the Start Menu and search for Manage Bitlocker then click on it.

3. Select Turn on BitLocker. BitLocker is individually applied to each one of your drives. So if you have more than one drive, ensure that you turn it on for all of them, assuming you want all of them protected by encryption. Also, bear in mind that if you copy a file from your encrypted drive to a non-encrypted drive, the file will no longer be protected!

4. Select your backup key method and click Next. The backup key will let you decrypt the drive in case you forget your passcode. There are three options here and you can choose more than one. Since weve signed in with our Microsoft Account, well choose that as the backup method here, since that means the key can be recovered from Microsofts servers.

5. Choose how much of the drive to encrypt and click next. Simply choose the method that matches your circumstances. If this is a new PC, choose the first option. If its a PC thats been in use, choose the second.

6. Choose your encryption mode and click next. Choose the first mode for fixed drives, and the second for drives that will be used with other PCs.

7. (Optional) Tick the system check box. This makes sure that your encryption keys are readable. We recommend doing this, even though its not strictly necessary.

8. Click Start Encrypting.

9. Restart your computer.

10. Open BitLocker Management again. Follow steps 1 to 3 again, and now youll see a message that the drive is being encrypted. You can keep using your PC, but you might notice worse performance until the process is done.

Thats it; once encryption is done, your PCs drive is now protected, and even if someone got their hands on it and plugged it into their own computer, its impossible to decrypt the data without the key, or some sort of quantum supercomputer that doesnt exist yet.

If you no longer want to have your drive encrypted, you can turn BitLocker off as easily as you turned it on. However, do note that you dont have to decrypt your drive before formatting it. Formatting will erase all data on the drive, whether encrypted or not. To turn off BitLocker, do the following:

1. Repeat steps 1 to 3 above. This will take you back to the BitLocker Management Window.

2. Click Turn Off Bitlocker next to the drive in question.

3. Click Turn Off Bitlocker again in the confirmation window that pops up.

The drive is now decrypting.

Just as when you encrypted the drive, this process will take a while to complete, but you can keep using your computer as normal with the possibility of slightly worse performance. Most modern computers should have no noticeable performance differences with BitLocker switched on, so theres little downside to using the feature unless you lose your recovery key, but then your most important data should always be backed up in more than one location, such as cloud storage.

Originally posted here:
How to Enable or Disable Bitlocker Encryption in Windows - Tom's Hardware

Related Posts
Posted in Encryption

Comments are closed.