BitLocker is a tool built into Windows that lets you encrypt an entire hard drive for enhanced security. Heres how to set it up.
When TrueCrypt controversially closed up shop, they recommended their users transition away from TrueCrypt to using BitLocker or Veracrypt. BitLocker has been around in Windows long enough to be considered mature, and is anencryption product generally well-regarded by security pros. In this article, were going to talk about how you can set it up on your PC.
RELATED: Should You Upgrade to the Professional Edition of Windows 10?
Note: BitLocker Drive Encryption and BitLocker To Go require a Professional or Enterprise edition of Windows 8 or 10, or the Ultimate version of Windows 7. However, starting with Windows 8.1, the Home and Pro editions of Windows include a Device Encryption feature(a feature also included in Windows 10) that works similarly. We recommend Device Encryption if your computer supports it, BitLocker for Pro users who cant use Device Encryption, and VeraCrypt for people using a Home version of Windows where Device Encryption wont work.
Many guides out there talk about creating a BitLocker container that works much like the kind of encrypted container you can create with products like TrueCrypt or Veracrypt. Its a bit of a misnomer, but you can achieve a similar effect. BitLocker works by encrypting entire drives. That could be your system drive, a different physical drive, or a virtual hard drive (VHD) that exists as a file and is mounted in Windows.
RELATED: How to Create an Encrypted Container File With BitLocker on Windows
The difference is largely semantic. In other encryption products, you usually create an encrypted container, and then mount it as a drive in Windows when you need to use it. With BitLocker, you create a virtual hard drive, and then encrypt it. If youd like to use a container rather than, say, encrypt your existing system or storage drive, check out our guide to creating an encrypted container file with BitLocker.
For this article, were going to concentrate on enabling BitLocker for an existing physical drive.
RELATED: How to Use BitLocker Without a Trusted Platform Module (TPM)
To use BitLocker for a drive, all you really have to do is enable it, choose an unlock methodpassword, PIN, and so onand then set a few other options. Before we get into that, however, you should know that using BitLockers full-disk encryption on a system drive generally requires a computer with a Trusted Platform Module (TPM) on your PCs motherboard. This chip generates and store the encryption keys that BitLocker uses. If your PC doesnt have a TPM, you can use Group Policy to enable using BitLocker without a TPM. Its a bit less secure, but still more secure than not using encryption at all.
You can encrypt a non-system drive or removable drive without TPM and without having to enable the Group Policy setting.
On that note, you should also know that there are two types of BitLocker drive encryption you can enable:
In Windows 7 through 10, you really dont have to worry about making the selection yourself. Windows handles things behind the scenes, and the interface youll use to enable BitLocker doesnt look any different. If you end up unlocking an encrypted drive on Windows XP or Vista, youll see the BitLocker to Go branding, so we figured you should at least know about it.
So, with that out of the way, lets go over how this actually works.
The easiest way to enable BitLocker for a drive is to right-click the drive in a File Explorer window, and then choose the Turn on BitLocker command. If you dont see this option on your context menu, then you likely dont have a Pro or Enterprise edition of Windows and youll need to seek another encryption solution.
Its just that simple. The wizard that pops up walks you through selecting several options, which weve broken down into the sections that follow.
The first screen youll see in the BitLocker Drive Encryption wizard lets you choose how to unlock your drive. You can select several different ways of unlocking the drive.
If youre encrypting your system drive on a computer thatdoesnt have a TPM, you can unlock the drive with a password or a USB drive that functions as a key. Select your unlock method and follow the instructions for that method (enter a password or plug in your USB drive).
RELATED: How to Enable a Pre-Boot BitLocker PIN on Windows
If your computer does have a TPM, youll see additional options for unlocking your system drive. For example, you can configure automatic unlocking at startup (where your computer grabs the encryption keys from the TPM and automatically decrypts the drive). You could alsouse a PIN instead of a password, or even choose biometric options like a fingerprint.
If youre encrypting a non-system drive or removable drive, youll see only two options (whether you have a TPM or not). You can unlock the drive with a password or a smart card (or both).
BitLocker provides you with a recovery key that you can use to access your encrypted files should you ever lose your main keyfor example, if you forget your password or if the PC with TPM dies and you have to access the drive from another system.
You can save the key to your Microsoft account, a USB drive, a file, or even print it. These options are the same whether youre encrypting a system or non-system drive.
If you back up the recovery key to your Microsoft account, you can access the key later at https://onedrive.live.com/recoverykey. If you use another recovery method, be sure to keep this key safeif someone gains access to it, they could decrypt your drive and bypass encryption.
You can also back up your recovery key multiple ways if you want. Just click each option you want to use in turn, and then follow the directions. When youre done saving your recovery keys, click Next to move on.
Note: If youre encrypting a USB or other removable drive, you wont have the option of saving your recovery key to a USB drive. You can use any of the other three options.
BitLocker automatically encrypts new files as you add them, but you must choose what happens with the files currently on your drive. You can encrypt the entire driveincluding the free spaceor just encrypt the used disk files to speed up the process. These options are also the same whetheryoure encrypting a system or non-system drive.
RELATED: How to Recover a Deleted File: The Ultimate Guide
If youre setting up BitLocker on a new PC, encrypt the used disk space onlyits much faster. If youre setting BitLocker up on a PC youve been using for a while, you should encrypt the entire drive to ensure no one can recover deleted files.
When youve made your selection, click the Next button.
If youre using Windows 10, youll see an additional screen letting you choose an encryption method. If youre using Windows 7 or 8, skip ahead to the next step.
Windows 10 introduced a new encryption method named XTS-AES. It provides enhanced integrity and performance over the AES used in Windows 7 and 8. If you know the drive youre encrypting is only going to be used on Windows 10 PCs, go ahead and choose the New encryption mode option. If you think you might need to use the drive with an older version of Windows at some point (especially important if its a removable drive), choose the Compatible mode option.
Whichever option you choose (and again, these are the same for system and non-system drives), go ahead and click the Next button when youre done, and on the next screen, click the Start Encrypting button.
The encryption process can take anywhere from seconds to minutes or even longer, depending on the size of the drive, the amount of data youre encrypting, and whether you chose to encrypt free space.
If youre encrypting your system drive, youll be prompted to run a BitLocker system check and restart your system. Make sure the option is selected, click the Continue button, and then restart your PC when asked.After the PC boots back up for the first time, Windows encrypts the drive.
If youre encrypting a non-system or removable drive, Windows does not need to restart and encryption begins immediately.
Whatever type of drive youre encrypting, you can check the BitLocker Drive Encryption icon in the system tray to see its progress, and you can continue using your computer while drives are being encryptedit will just perform more slowly.
If your system drive is encrypted, unlocking it depends on the method you chose (and whether your PC has a TPM). If you do have a TPM and elected to have the drive unlocked automatically, you wont notice anything differentyoull just boot straight into Windows like always. If you chose another unlock method, Windows prompts you to unlock the drive (by typing your password, connecting your USB drive, or whatever).
RELATED: How to Recover Your Files From a BitLocker-Encrypted Drive
And if youve lost (or forgotten) your unlock method, press Escape on the prompt screen to enter your recovery key.
If youve encrypted a non-system or removable drive, Windows prompts you to unlock the drive when you first access it after starting Windows (or when you connect it to your PC if its a removable drive). Type your password or insert your smart card, and the drive should unlock so you can use it.
In File Explorer, encrypted drives show a gold lock on the icon (on the left). That lock changes to gray and appears unlocked when you unlock the drive (on the right).
You can manage a locked drivechange the password, turn off BitLocker, back up your recovery key, or perform other actionsfrom the BitLocker control panel window. Right-click any encrypted drive, and then select Manage BitLocker to go directly to that page.
Like all encryption, BitLocker does add some overhead. Microsofts official BitLocker FAQ says that Generally it imposes a single-digit percentage performance overhead. If encryption is important to you because you have sensitive datafor example, a laptop full of business documentsthe enhanced security is well worth the performance trade-off.
- COVID-19 Impact on Global Encryption Software Market Report to Share Key Aspects of the Industry with the details of Influence Factors - Scientect - September 4th, 2020
- Encryption Software Market: Regional Overview and Trends Evaluation to 2026 - Fractovia News - September 4th, 2020
- Encryption Software Market is Expected to reach $2.16 billion by 2020| Growing at a CAGR (compounded annual growth rate) of CAGR of 14.27% from 2014... - September 4th, 2020
- WD unveils encrypted ArmorLock SSD that unlocks using your smartphone - 9to5Toys - September 4th, 2020
- Encryption Software Market report, upcoming trends, share report, growth size, industry players and global forecast to 2025 - Galus Australis - September 4th, 2020
- COVID-19 Impact on Global Encryption Software Market: Global Industry Analysis by Size, Share, Growth, Trends and Forecast 2020 2025 - The Daily... - September 4th, 2020
- Hardware Encryption Technology Steady Growth to be Witnessed by 2019-2029 - The News Brok - September 4th, 2020
- Encryption Software Market to Witness Astonishing Growth by 2026 | Dell , Eset , Gemalto and more - The Daily Chronicle - September 4th, 2020
- IIT Guwahati Research team working towards protecting data from cyber attacks - India Today - September 4th, 2020
- Five Security Blind Spots You Might Not Realize You Have - Government Technology - September 4th, 2020
- Cloud Encryption MARKET 2020 BY MANUFACTURERS, REGIONS, TYPE AND APPLICATION, FORECAST TO 2027 - Scientect - September 4th, 2020
- Network Encryption Market Trends, Outlook and Forecasts to 2025 by: Gemalto, Riverbed Technology, IBM Corporation, SolarWinds Inc., Juniper Networks... - September 4th, 2020
- What is the Importance of Encryption in the Business Network - Enterprise Security Mag - September 2nd, 2020
- How to enable end-to-end encryption for the Nextcloud app - TechRepublic - September 2nd, 2020
- The Feds Need to Listen in on Your Encrypted Knowledge. It is "for the Youngsters." - The Shepherd of the Hills Gazette - September 2nd, 2020
- NordVPN review: An encryption powerhouse with the best VPN bang for your buck - CNET - September 2nd, 2020
- Homomorphic encryption: Deriving analytics and insights from encrypted data - CSO Online - September 2nd, 2020
- Encryption Key Management 2020-2025 | Global Market Trends, Applications, Size, Types, Key Manufacturers and Forecast Research - The Daily Chronicle - September 2nd, 2020
- AES Encryption Software Market : Global Strategies and Insight driven transformation 2020 2026 - SG Research Sphere - September 2nd, 2020
- IIT Guwahati researchers develop algorithms to protect information like health data from cyberattacks - EdexLive - September 2nd, 2020
- Global Cloud Encryption Market- Industry Analysis and forecast 2020 2027: By Industrial verticals, Services, and Region. - Galus Australis - September 2nd, 2020
- Data Encryption Market Size 2020 By Global Business Trends, Share, Future Demand, Leading Players Updates and Forecast to 2026 (Based on 2020 COVID-19... - September 2nd, 2020
- Mobile Encryption Technology Market : Global Trends, Analysis and Forecast 2025 - The Daily Chronicle - September 2nd, 2020
- How to Encrypt Files with gocryptfs on Linux - How-To Geek - September 2nd, 2020
- GlobeX Data launches Sekur, its secure, encrypted email and messaging solution - Proactive Investors USA & Canada - September 2nd, 2020
- What to do in the event of a ransomware attack - Charity Digital News - September 2nd, 2020
- Activate these 4 WhatsApp settings NOW to stop snoopers including face-lock and encryption - The Sun - September 2nd, 2020
- TLS Is Only as Strong as Its Weakest Link - Hashed Out by The SSL Store - Hashed Out by The SSL Store - September 2nd, 2020
- Encryption Management Solutions Market Trends, Size, Share, Status, Analysis And Forecast To 2025 - The News Brok - September 2nd, 2020
- Cloud Encryption Market Insights Business Opportunities, Current Trends And Restraints Forecast 2026 - Reports Watch - September 2nd, 2020
- 9 ways to build privacy into cloud applications - Reseller News - September 2nd, 2020
- Russia's New Blockchain Voting System Isn't Ready, but It'll Be Used This Month Anyway - Business Blockchain HQ - September 2nd, 2020
- Encryption and endpoint control: the heroes of post-lockdown data security - TEISS - August 20th, 2020
- Global Encryption Software Market 2020: Industry Analysis by Size, Share, Demand, Growth rate and Forecasts Till 2025 - The News Brok - August 20th, 2020
- Techdirt Podcast Episode 252: The Key To Encryption - Techdirt - August 20th, 2020
- Researchers Develop Attacks Targeting End-to-End Encryption in Emails - Decipher - August 20th, 2020
- Encryption Software Market- Global Outlook and Forecast 2018-2026 - Kentucky Journal 24 - August 20th, 2020
- Analyzing Impacts Of COVID-19 On Data Encryption Market Effects, Aftermath And Forecast To 2026 - The Daily Chronicle - August 20th, 2020
- Commercial Encryption Software Market Analysis And Demand With Forecast Overvie - News by aeresearch - August 20th, 2020
- Cloud Encryption Market Estimated to Experience a Hike in Growth by 2026 - Scientect - August 20th, 2020
- Why it's important to encrypt everything, everywhere, all the time - SecurityBrief Asia - August 20th, 2020
- Optical Encryption Market with Brief Introduction, Industry Overview, Scope, Size and Forecast Analysis 2025 - Scientect - August 20th, 2020
- What is On-the-Fly Memory Encryption? - Electropages - August 8th, 2020
- AFP says it made three requests for assistance in breaking encryption in 2019-20 - iTWire - August 8th, 2020
- Blue Canyon Technologies Tapped to Build QETSSat Encryption Satellite - Via Satellite - August 8th, 2020
- Encryption Software Market Report to Share Key Aspects of the Industry with the Details of Influence Factors- 2024 - Owned - August 8th, 2020
- Exorcist Ransomware and CIS Exclusion - Security Boulevard - August 8th, 2020
- Beyond Krk: Even more WiFi chips vulnerable to eavesdropping - We Live Security - August 8th, 2020
- Comprehensive Analysis on Endpoint Encryption Software Market based on types and application - The Daily Chronicle - August 8th, 2020
- This hardware-encrypted USB-C drive is rugged, inexpensive, and can run Windows - TechRadar UK - August 8th, 2020
- Zoom's COO is not concerned by app bans in India, says end-to-end encryption for all by year end - Economic Times - August 8th, 2020
- Jihadi Use Of Bots On The Encrypted Messaging Platform Telegram - Middle East Media Research Institute - August 8th, 2020
- Thoughts on encryption legislation - and the real 'link' between 5G and coronavirus - Cloud Tech - July 21st, 2020
- Twitter Urged To Beef Up Encryption 07/20/2020 - MediaPost Communications - July 21st, 2020
- Encryption Software - Market Share Analysis and Research Report by 2025 - CueReport - July 21st, 2020
- Encryption Management Solutions Market 2020 Global Share, Growth, Size, Opportunities, Trends, Regional Overview, Leading Company Analysis And... - July 21st, 2020
- Research Report on Data Encryption Service Market by Current Industry Status, Growth Opportunities, Top Key Players, and Forecast to 2025 -... - July 21st, 2020
- Bill That Mandates Cyber Backdoors Will Leave Front Doors Wide Open - CPO Magazine - July 21st, 2020
- These encrypted iStorage hard drives and flash drives are the ultimate peace of mind for your data - Boing Boing - July 21st, 2020
- Virtual and face-to-face connect to coexist: Zoom COO - Fortune India - July 21st, 2020
- Facebook's Rolling Out Touch ID and Face ID Lock Options for Messenger - Social Media Today - July 21st, 2020
- Global Cloud Encryption Technology Market Expeted To Reach xx.xx mn USD With growth Rate of xx by 2025| Pandamic Impact Analysis : Gemalto, Sophos,... - July 21st, 2020
- Encryption Software Market 2020 Comprehensive Analysis With Top Trends, Size, Share, Future Growth Opportunities & Forecast By 2027 - Connected... - July 21st, 2020
- Cryptocurrencies Have 'No Way' to Comply With US Anti-Encryption Bills - CoinDesk - CoinDesk - July 17th, 2020
- Encryption Key Management Market: Find Out Essential Strategies to expand The Business and Also Check Working in 2020-2027 - Jewish Life News - July 17th, 2020
- Email Encryption Market Worth $9.9 Billion by 2025 - Exclusive Report by MarketsandMarkets - PRNewswire - July 17th, 2020
- Encryption Software Market Overviews With Key Players, Size Growth Drivers As Well As Industry Challenges Opportunities To 2027 - Connected Lifestyle - July 17th, 2020
- Encryption Software Market 2020 | Covid-19 Impact Analysis and Industry Forecast Report Till 2024 - 3rd Watch News - July 17th, 2020
- Encryption Software Market 2020 Overview by Size, Share, Financial Services, Applications, Sales Data and Investment Opportunities till 2025 - Apsters... - July 17th, 2020
- Flash drives and hard drives with military-grade encryption on sale - Mashable - July 17th, 2020
- Hardware Encryption Market: Size, Share, Analysis, Regional Outlook and Forecast 2020-2025 - Express Journal - July 17th, 2020
- IoT Security Solution For Encryption Market Growth By Manufacturers, Type And Application, Forecast To 2026 - 3rd Watch News - July 6th, 2020
- Endpoint Encryption Software Market Growth By Manufacturers, Type And Application, Forecast To 2026 - 3rd Watch News - July 6th, 2020
- Global Hardware-based Full Disk Encryption (FDE) Market Report 2020 by Key Players, Types, Applications, Countries, Market Size, Forecast to 2026... - July 6th, 2020
- Explained: WhatApp calls End-to-End Encrypted, but what does it mean for you? - India Today - July 6th, 2020
- The booming business of encrypted tech serving the criminal underworld - Telegraph.co.uk - July 6th, 2020
- Hardware Encryption Devices Consumption Market Growth By Manufacturers, Type And Application, Forecast To 2026 - 3rd Watch News - July 6th, 2020
- Network Encryption Market Growth By Manufacturers, Type And Application, Forecast To 2026 - 3rd Watch News - July 6th, 2020
- Encryption Software Market Worth $20.1 Billion by 2025 - Exclusive Report by MarketsandMarkets - Yahoo Finance - June 18th, 2020
- Zoom says free users will get end-to-end encryption after all - The Verge - June 18th, 2020