Recover deleted, formatted or corrupted data from hard drive or external device.
Free TrialQuick Navigation:
- 1. BitLocker System Requirements
- 2. How to enable BitLocker to go on external hard drives?
- 3. How to configure BitLocker on the System Drive?
BitLocker is a Windows feature that encrypts the whole hard drive. It can safeguard your information by encrypting the entire volume and preventing illegal access. Only the encryption key or recovery key has the ability to make the data legible.
You may enable BitLocker on your computer to encrypt all contents if you wish to secure the security of the data you've placed on the disk. You may deploy BitLocker drive encryption to the operating system drive or portable drives by following the specified processes.
BitLocker System Requirements
To use BitLocker on your system, you must satisfy the following criteria:
- When used with a Trusted Platform Module (TPM) version 1.2 or later, BitLocker gives maximum protection. To see if your machine supports TPM, navigate to Start > Device Manager > Security devices.
- If your machine does not support TPM, you can enable BitLocker using the Local Group Policy Editor.
- A computer with TPM requires a Trusted Computing Group (TCG)-compliant BIOS or UEFI firmware, although a machine without TPM does not. During startup, computer firmware must support TPM or USB devices.
- On the hard disk drive, there must be at least two partitions: the system software drive with the required files to boot the computer and the computer drive with the Windows 10 installation. The NTFS file system must be used to format the hard disk.
- BitLocker is not available by default on Mac. If you wish to utilize BitLocker on Mac to encrypt disks or speak and read BitLocker-encrypted drives, a competent BitLocker for Mac can let you use all BitLocker capabilities without limitations.
How to enable BitLocker to go on external hard drives?
In addition to internal drives, portable disks in Windows 10 can be encrypted. BitLocker To Go satisfies your desire to encrypt all types of external disks in order to keep your contents safe. Simply follow the instructions to activate it.
Click the Start button, then go to Control Panel, System & Security, and then BitLocker Drive Encryption.
Select the portable drive to encrypt from the "BitLocker To Go" section.
Turn on BitLocker by clicking the button.
Select Use a password to unlock the drive and enter a password.
Choose how you want to save the recovery key.
Choose how much disk space to secure.
Select an encryption mode for usage.
Start encrypting by clicking the Start encrypting button.
Select the Close option.
Recovery key for BitLocker
When you enable BitLocker security software on your system, an automated BitLocker recovery key is produced. It is a one-of-a-kind 48-digit alphanumeric passphrase.
In the event that you lose your PIN password, your computer reaches the BitLocker setup file due to unauthorized activity, or you transfer the BitLocker-enabled hard drive into another system, the BitLocker recovery key is used to unlock your system.
The BitLocker recovery key must be kept in a secure location. You cannot access your data if you forget your password and lose the recovery key. You may email the recovery key to yourself, save it to a file, or print it. It is preferable to save the recovery key in more than one location for further security.
How to configure BitLocker on the System Drive?
BitLocker can encrypt the operating system disk regardless of whether your machine has a TPM chip. You must first activate the policy without TPM support for a device that does not have TPM. To enable BitLocker on a TPM-enabled device, follow these steps:
Click the Start button, then go to Control Panel, System & Security, and then BitLocker Drive Encryption.
Click the Turn on BitLocker option under the "Operating system drive" column.
Choose how you want to save the backup solution.
Choose how much storage capacity to encrypt.
Select an encryption mode for usage.
Check the option to run the BitLocker system check.
Hit the next button, then the Restart icon.
To activate BitLocker on a device that does not have a TPM:
Search for gpedit in the Start menu, then pick the Local Group Policy Editor.
Computer Configuration > Administrative Templates > Windows Components > BitLocker Drive Encryption > Operating System Drives.
Select the Enabled option after double-clicking the Require extra authentication at startup policy.
Check the "Allow BitLocker without a suitable TPM (needs a password or a USB flash drive startup key)" box.
Click OK after applying the change.
Click the Start button, then go to Control Panel, System & Security, and then BitLocker Drive Encryption.
Click the Turn on BitLocker option under the "Operating system drive" column.
Choose an encryption technique, such as a USB or a password, to unlock the device.
Make and confirm your password.
Choose how you want to save the recovery key.
Choose how much disk space to encrypt.
Select an encryption mode for usage.
Check the option to run the BitLocker system check.
Select the Continue button, then the Restart button.
Now that you know what BitLocker is, it is time to implement this encryption technique and secure your system.
DoYourData Products
Written & Updated by Justin Kenny
Justin Kenny is a writer & editor of DoYourData. He joined DoYourData in 2016 and focuses on writing articles about Windows data recovery, Mac data recovery, external device data recovery, hard drive clone, data erasure, Mac cleanup, computer issue fixes, etc. He is a super fan of Apple devices and is big on testing new digital device and system utility software.