Use encryption for the security of your data. With the world sinking into digital, yours give they are becoming more and more valuable and more and more in need of protection. The last thing you want to happen is yours data falls into the wrong handsespecially in case you lose one or more of your precious smart devices.
One of the more powerful ways to protect your data is to encrypt it using a program such as BitLocker per Windows 10, which is proprietary encryption software that runs on the Windows platform.
While the instructions in this article are specific to Windows 10, BitLocker is available on Windows Vista Ultimate or Enterprise, Windows 7 Ultimate or Enterprise, Windows 8.1 Pro or Enterprise, and Windows 10 Pro or Enterprise.
- How to disable the lock screen on Windows 10
What is BitLocker?
BitLocker for Windows 10 is encryption software available in versions Windows 10 Pro or Enterprise which allows you to encrypt your entire hard drive and protect your data from prying eyes and unauthorized tampering on your system, such as the type of intrusion that could be committed by malware.
If, like most people, you have the standard or Home version of Windows on our PC, you won't have BitLocker software. However, there was a time when Microsoft initially rolled out the dual-interface operating system and if you upgraded at that time, chances are you have Windows 8 or 8.1 Pro. During the initial launch, the licenses Windows 8 Pro upgrade packages were sold cheap and anyone who was eligible could have them. If you have Pro and moved from Windows 8.1 to Windows 10, the update stayed and BitLocker it's probably on your system.
If you are not sure which version of Windows 10 you are using, go to Start > Settings > Update and security (o System and security )> and search BitLocker. If you don't see BitLocker, it's not available on your PC.
What are the system requirements for BitLocker?
To begin with, you will need a Windows PC and it must be running one of the eligible versions of Windows. It must also have a storage drive with at least 2 partitions and a Trusted Platform Module (TPM).
A TPM is a special type of computer chip that authenticates software, firmware, and hardware. This is especially important because if the TPM detects any unauthorized changes to the system, the computer will boot into Restricted mode to thwart attackers.
Below are instructions on how to check if your computer has the TPM and also how to run BitLocker without it.
- How to access advanced startup options in Windows 10 or 8
Things to know before setting up BitLocker
Before you start setting up BitLocker on your computer, these are some requirements for using BitLocker.
- BitLocker is, for the most part, only available on the Pro and Enterprise versions of Windows, including Windows 10 Pro and Enterprise.
- For best results, you need to have a TPM chip on your computer.
- You may be able to use BitLocker without TPM but it will require additional steps.
- Your hard drive needs at least 2 partitions to run BitLocker. You need to have a system partition with the operating system and another partition with all the files needed to start Windows. If you don't have these partitions, don't worry, BitLocker will create them for you. Partitions should also follow the NTFS file system.
- Depending on the amount of data in the system, encryption may take a long time, so be prepared.
- The computer must always be connected to a power supply during the encryption process.
- Make sure you do a full system backup before encrypting it with BitLocker. While BitLocker is stable, there will always be risks, especially if you don't have a UPS and you run out of power during the encryption process. You can never be too sure; back up your system.
How to check the TPM chip
Since BitLocker requires the TPM chip for authentication, you need to make sure you have one before starting. To do this, start by going to the menu Power User. You can access it by pressing the key Windows e X on the keyboard. Once on the menu Power User, click your Device management.
In Device Manager, look for the Security Devices item. If you have the TMP chip, you need to see an item for Trusted Platform Module along with the version number. For your computer to support BitLocker, the TPM version number must be 1.2 or later.
- What is a restore point?
How to activate BitLocker without the TPM
If you don't have a TPM, you won't be able to turn on BitLocker. You'll still be able to use encryption, but you'll need to enable additional startup authentication via the Local Group Policy Editor.
- Open the command Run. You can do this by pressing the Windows key + R on the keyboard. Once activated on command Run, type gpedit.msc in the field and do click su OK or press Submit.
- In the command result, look for a labeled item Computer configuration. Expand it and search for the item Administrative models. Expand that too.
- In Administrative models expanded, expand the element Windows Components.
- Under the model of Windows Components expanded you will find the element BitLocker Drive Encryption. Expand it and then expand the item Operating system drives that appears below it. His items will appear on the right side.
- On the right side of the window, click on the item that requires Require additional authentication at startup and choose Modification give the menu visualizzato.
- In the window that appears, select the option Qualified.
- Select the checkbox that allows Allow BitLocker without a compatible TPM (requires a password or startup key on a USB flash drive).
- When finished, complete the procedure by doing click su OK.
- How to remove PIN and other sign-in options from Windows 10
How to run BitLocker
After enabling the TPM chip, running BitLocker takes only a few steps.
- Go to menu Power User pressing the Windows key + X on the keyboard. Once there select the item Control Panel.
- Select System and security.
- Click on BitLocker Drive Encryption.
- In the dialog that opens, click your Active BitLocker.
- So, choose Enter a password and choose a password you want to use every time you boot your Windows 10 system to unlock the system drive. Make sure it's a strong password. When done, click NEXT.
- You will be given options to save a recovery key which you will use to save your files in case you forget your password. The available options should be Save to your Microsoft account, a USB flash drive, for an fillet o print the recovery key. Select the one that is most comfortable for you. When done, click NEXT.
- Now you need to select a suitable encryption option for you. If you have a new PC or drive or want the faster option, encrypt used disk space. If your PC or drive has already been in use for a while and you don't mind a slower process, encrypts the entire disk space.
- Choose an encryption mode. You can choose the new encryption mode, which is best for fixed drives on this device, or the compatible mode, which is best for removable drives. When done, click NEXT.
- Select the checkbox named Run BitLocker System Check, then click Continue.
- You will be prompted to restart your computer to begin encryption. Upon restart, BitLocker will ask you to enter an encryption password to unlock the main drive. Enter the password you chose earlier and press the key Submit.
- The computer will boot to the Windows desktop. Nothing will look different, however, the encryption should take place quietly in the background. If you want to verify that this happens, just go on Control Panel > System and security > BitLocker > Drive encryption. There you will see that BitLocker is working to encrypt your files. Depending on the size of the drive and the options selected, the process can take some time. You will still be able to use your computer normally.
- When finished, Drive Encryption should show that BitLocker is active.
If you select Use File Explorer to watch What PC, once BitLocker is enabled and encryption is complete, you should see a lock icon on your drive, showing that it has been encrypted.
- Command Prompt: what it is and how to use it
Additional tips for using BitLocker
Once you've enabled BitLocker, there are a few other things you can do.
- You can suspend protection so that your data is not protected. This is recommended when updating hardware, firmware or operating system. BitLocker will then resume upon reboot.
- You can also back up the recovery key. This is especially important when you lose your recovery key but are still logged in to your account. BitLocker will create a new backup key for you.
- You can also change your password. However, you will need to have the current password to do this. You can also remove your password. However, you'll need to set up a new authentication method as you can't run BitLocker without any authentication (this would defeat the purpose of the whole thing).
- You can also turn off BitLocker if you no longer need BitLocker. BitLocker will decrypt all your files. The decryption process may take a long time (you will still be able to work normally on your computer) and your data will no longer be protected.
- How to reset your PC via reset settings
- How to change the PIN in Bitlocker
- How to put the password on a USB stick without programs
- How to encrypt a USB key and protect your data
- How to protect a USB device, everything you need to know
- How to password protect a folder in Windows 10