BitLocker is a tool built into Windows that lets you encrypt an entire hard drive for enhanced security. Here’s how to set it up.
- Bitlocker Download
- Win 10 Home Bitlocker
- Bitlocker For Windows 10 Home Edition
- Enable Bitlocker For Windows 10 Home
- Bitlocker For Windows 10 Home Download
When TrueCrypt controversially closed up shop, they recommended their users transition away from TrueCrypt to using BitLocker or Veracrypt. BitLocker has been around in Windows long enough to be considered mature, and is an encryption product generally well-regarded by security pros. In this article, we’re going to talk about how you can set it up on your PC.
Use the Windows key + X keyboard shortcut to open the Power User menu and select Control Panel. Click System and Security. Click BitLocker Drive Encryption. Under BitLocker Drive Encryption, click. BitLocker on Windows 10 Home edition Dear community, I would like to use BitLocker to encrypt my hard drive, but I have the standard 8.1 version, which will become Windows 10 Home version when I upgrade. In the search box on the taskbar, type Manage BitLocker and then select it from the list of results. Or you can select the Start button, and then under Windows System, select Control Panel. In Control Panel, select System and Security, and then under BitLocker Drive Encryption, select Manage BitLocker.
RELATED:Should You Upgrade to the Professional Edition of Windows 10?
- This tutorial contains instructions o how to disable Bitlocker Protection and Drive encryption in Windows 10. As you may know, the BitLocker encryption feature which is available in Windows 10 pro and enterprise versions, can help you to protect your PC contents from unauthorized access.
- BitLocker on Windows 10 Home edition Dear community, I would like to use BitLocker to encrypt my hard drive, but I have the standard 8.1 version, which will become Windows 10 Home version when I upgrade.
- If you’re setting BitLocker up on a PC you’ve been using for a while, you should encrypt the entire drive to ensure no one can recover deleted files. When you’ve made your selection, click the “Next” button. Step Five: Choose an Encryption Mode (Windows 10 Only).
- This detailed guide will help you understand the circumstances under which the use of pre-boot authentication is recommended for devices running Windows 10, Windows 8.1, Windows 8, or Windows 7; and when it can be safely omitted from a device’s configuration. Protecting cluster shared volumes and storage area networks with BitLocker.
Note: BitLocker Drive Encryption and BitLocker To Go require a Professional or Enterprise edition of Windows 8 or 10, or the Ultimate version of Windows 7. However, starting with Windows 8.1, the Home and Pro editions of Windows include a “Device Encryption” feature (a feature also included in Windows 10) that works similarly. We recommend Device Encryption if your computer supports it, BitLocker for Pro users who can’t use Device Encryption, and VeraCrypt for people using a Home version of Windows where Device Encryption won’t work.
Encrypt an Entire Drive or Create an Encrypted Container?
Many guides out there talk about creating a BitLocker container that works much like the kind of encrypted container you can create with products like TrueCrypt or Veracrypt. It’s a bit of a misnomer, but you can achieve a similar effect. BitLocker works by encrypting entire drives. That could be your system drive, a different physical drive, or a virtual hard drive (VHD) that exists as a file and is mounted in Windows.
RELATED:How to Create an Encrypted Container File With BitLocker on Windows
The difference is largely semantic. In other encryption products, you usually create an encrypted container, and then mount it as a drive in Windows when you need to use it. With BitLocker, you create a virtual hard drive, and then encrypt it. If you’d like to use a container rather than, say, encrypt your existing system or storage drive, check out our guide to creating an encrypted container file with BitLocker.
For this article, we’re going to concentrate on enabling BitLocker for an existing physical drive.
How to Encrypt a Drive with BitLocker
RELATED:How to Use BitLocker Without a Trusted Platform Module (TPM)
To use BitLocker for a drive, all you really have to do is enable it, choose an unlock method—password, PIN, and so on—and then set a few other options. Before we get into that, however, you should know that using BitLocker’s full-disk encryption on a system drive generally requires a computer with a Trusted Platform Module (TPM) on your PC’s motherboard. This chip generates and store the encryption keys that BitLocker uses. If your PC doesn’t have a TPM, you can use Group Policy to enable using BitLocker without a TPM. It’s a bit less secure, but still more secure than not using encryption at all.
You can encrypt a non-system drive or removable drive without TPM and without having to enable the Group Policy setting.
On that note, you should also know that there are two types of BitLocker drive encryption you can enable:
- BitLocker Drive Encryption: Sometimes referred to just as BitLocker, this is a “full-disk encryption” feature that encrypts an entire drive. When your PC boots, the Windows boot loader loads from the System Reserved partition, and the boot loader prompts you for your unlock method—for example, a password. BitLocker then decrypts the drive and loads Windows. The encryption is otherwise transparent—your files appear like they normally would on an unencrypted system, but they’re stored on the disk in an encrypted form. You can also encrypt other drives than just the system drive.
- BitLocker To Go: You can encrypt external drives—such as USB flash drives and external hard drives—with BitLocker To Go. You’ll be prompted for your unlock method—for example, a password—when you connect the drive to your computer. If someone doesn’t have the unlock method, they can’t access the files on the drive.
In Windows 7 through 10, you really don’t have to worry about making the selection yourself. Windows handles things behind the scenes, and the interface you’ll use to enable BitLocker doesn’t look any different. If you end up unlocking an encrypted drive on Windows XP or Vista, you’ll see the BitLocker to Go branding, so we figured you should at least know about it.
So, with that out of the way, let’s go over how this actually works.
Step One: Enable BitLocker for a Drive
The easiest way to enable BitLocker for a drive is to right-click the drive in a File Explorer window, and then choose the “Turn on BitLocker” command. If you don’t see this option on your context menu, then you likely don’t have a Pro or Enterprise edition of Windows and you’ll need to seek another encryption solution.
It’s just that simple. The wizard that pops up walks you through selecting several options, which we’ve broken down into the sections that follow.
Step Two: Choose an Unlock Method
The first screen you’ll see in the “BitLocker Drive Encryption” wizard lets you choose how to unlock your drive. You can select several different ways of unlocking the drive.
If you’re encrypting your system drive on a computer that doesn’t have a TPM, you can unlock the drive with a password or a USB drive that functions as a key. Select your unlock method and follow the instructions for that method (enter a password or plug in your USB drive).
RELATED:How to Enable a Pre-Boot BitLocker PIN on Windows
If your computer does have a TPM, you’ll see additional options for unlocking your system drive. For example, you can configure automatic unlocking at startup (where your computer grabs the encryption keys from the TPM and automatically decrypts the drive). You could also use a PIN instead of a password, or even choose biometric options like a fingerprint.
If you’re encrypting a non-system drive or removable drive, you’ll see only two options (whether you have a TPM or not). You can unlock the drive with a password or a smart card (or both).
Step Three: Back Up Your Recovery Key
BitLocker provides you with a recovery key that you can use to access your encrypted files should you ever lose your main key—for example, if you forget your password or if the PC with TPM dies and you have to access the drive from another system.
You can save the key to your Microsoft account, a USB drive, a file, or even print it. These options are the same whether you’re encrypting a system or non-system drive.
If you back up the recovery key to your Microsoft account, you can access the key later at https://onedrive.live.com/recoverykey. If you use another recovery method, be sure to keep this key safe—if someone gains access to it, they could decrypt your drive and bypass encryption.
You can also back up your recovery key multiple ways if you want. Just click each option you want to use in turn, and then follow the directions. When you’re done saving your recovery keys, click “Next” to move on.
Note: If you’re encrypting a USB or other removable drive, you won’t have the option of saving your recovery key to a USB drive. You can use any of the other three options.
Step Four: Encrypt and Unlock the Drive
BitLocker automatically encrypts new files as you add them, but you must choose what happens with the files currently on your drive. You can encrypt the entire drive—including the free space—or just encrypt the used disk files to speed up the process. These options are also the same whether you’re encrypting a system or non-system drive.
RELATED:How to Recover a Deleted File: The Ultimate Guide
If you’re setting up BitLocker on a new PC, encrypt the used disk space only—it’s much faster. If you’re setting BitLocker up on a PC you’ve been using for a while, you should encrypt the entire drive to ensure no one can recover deleted files.
When you’ve made your selection, click the “Next” button.
Step Five: Choose an Encryption Mode (Windows 10 Only)
If you’re using Windows 10, you’ll see an additional screen letting you choose an encryption method. If you’re using Windows 7 or 8, skip ahead to the next step.
Windows 10 introduced a new encryption method named XTS-AES. It provides enhanced integrity and performance over the AES used in Windows 7 and 8. If you know the drive you’re encrypting is only going to be used on Windows 10 PCs, go ahead and choose the “New encryption mode” option. If you think you might need to use the drive with an older version of Windows at some point (especially important if it’s a removable drive), choose the “Compatible mode” option.
Whichever option you choose (and again, these are the same for system and non-system drives), go ahead and click the “Next” button when you’re done, and on the next screen, click the “Start Encrypting” button.
Step Six: Finishing Up
The encryption process can take anywhere from seconds to minutes or even longer, depending on the size of the drive, the amount of data you’re encrypting, and whether you chose to encrypt free space.
If you’re encrypting your system drive, you’ll be prompted to run a BitLocker system check and restart your system. Make sure the option is selected, click the “Continue” button, and then restart your PC when asked. After the PC boots back up for the first time, Windows encrypts the drive.
If you’re encrypting a non-system or removable drive, Windows does not need to restart and encryption begins immediately.
Whatever type of drive you’re encrypting, you can check the BitLocker Drive Encryption icon in the system tray to see its progress, and you can continue using your computer while drives are being encrypted—it will just perform more slowly.
Unlocking Your Drive
If your system drive is encrypted, unlocking it depends on the method you chose (and whether your PC has a TPM). If you do have a TPM and elected to have the drive unlocked automatically, you won’t notice anything different—you’ll just boot straight into Windows like always. If you chose another unlock method, Windows prompts you to unlock the drive (by typing your password, connecting your USB drive, or whatever).
RELATED:How to Recover Your Files From a BitLocker-Encrypted Drive
And if you’ve lost (or forgotten) your unlock method, press Escape on the prompt screen to enter your recovery key.
If you’ve encrypted a non-system or removable drive, Windows prompts you to unlock the drive when you first access it after starting Windows (or when you connect it to your PC if it’s a removable drive). Type your password or insert your smart card, and the drive should unlock so you can use it.
In File Explorer, encrypted drives show a gold lock on the icon (on the left). That lock changes to gray and appears unlocked when you unlock the drive (on the right).
You can manage a locked drive—change the password, turn off BitLocker, back up your recovery key, or perform other actions—from the BitLocker control panel window. Right-click any encrypted drive, and then select “Manage BitLocker” to go directly to that page.
Like all encryption, BitLocker does add some overhead. Microsoft’s official BitLocker FAQ says that “Generally it imposes a single-digit percentage performance overhead.” If encryption is important to you because you have sensitive data—for example, a laptop full of business documents—the enhanced security is well worth the performance trade-off.READ NEXT
- › Wi-Fi vs. ZigBee and Z-Wave: Which Is Better?
- › What Does “FWIW” Mean, and How Do You Use It?
- › How to Automatically Delete Your YouTube History
- › What Is “Mixed Content,” and Why Is Chrome Blocking It?
- › How to Manage Multiple Mailboxes in Outlook
Encrypting a removable drive such as a USB memory stick doesn’t take long in Windows 10, and it involves fewer steps than encrypting the operating system drive. After the encryption process ends, each time you plug your device into a Windows computer, File Explorer shows the device with a lock icon, which signals that the device is encrypted. To access its content, you must enter the password set during the encryption process.
Encrypt a removable drive with BitLocker
To encrypt a USB memory stick or an external hard drive, follow these steps:
Win 10 Home Bitlocker
In the search bar on the taskbar, type bitlocker.
A list of search results appears.
Click Manage BitLocker.
The BitLocker Drive Encryption window appears.
In the BitLocker Drive Encryption window, find the removable drive that you want to encrypt and click it.
A list with options appears.
Click the Turn on BitLocker button for that drive.
You’re asked to choose how you want to unlock this drive.
Select Use a Password to Unlock the Drive.
The fields for entering the password and confirming it now are editable.
Type the password in the appropriate fields; then click Next.
You’re asked where you want to back up your recovery key.
Click the option you prefer; then click Next.
You’re asked to choose how much of your drive you want to encrypt and given two options: encrypt the used disk space only or encrypt the entire drive.
Choose how much of your drive you want to encrypt and click Next.
You’re asked whether you’re ready to encrypt the selected drive.
Click Start Encrypting.
When the encryption is done, click Close.
Unlock a removable drive that’s encrypted with BitLocker
Each time you plug the encrypted removable drive into a computer running Windows 10, a notification appears saying that the drive is BitLocker-protected. You can use that notification to unlock the drive at that time, or you can do so later and follow these steps:
Open File Explorer.
Click This PC.
A list with your folders, devices, and drives appears.
Double-click the removable drive.
A BitLocker prompt appears asking for the password to unlock the drive.
Type the password.
Double-click again on the removable drive in File Explorer to open it and see its contents.
Close File Explorer when you finish using the removable drive.
Bitlocker For Windows 10 Home Edition
Decrypt a BitLocker encrypted drive
Enable Bitlocker For Windows 10 Home
The process for decrypting a BitLocker-protected drive is easy. First, unlock the drive by providing the appropriate encryption password and then follow these steps:
In the search bar on the taskbar, type bitlocker.
A list of search results appears.
Click Manage BitLocker.
The BitLocker Drive Encryption window appears.
In the BitLocker Drive Encryption window that appears, find the drive that you want to decrypt and click the Turn Off BitLocker link.
You receive a message saying that the drive will be decrypted.
Click Turn Off BitLocker.
The decryption process starts immediately.
Close the BitLocker Drive Encryption window.
You can resume using your computer.
Bitlocker For Windows 10 Home Download
The decryption process is the same for operating system drives and removable drives. To completely turn off BitLocker, you need to decrypt all drives using the decryption procedure.