Home » Windows 10 » BitLocker Drive Encryption.

BitLocker Drive Encryption.

By
Table Of Contents
  1. What Is BitLocker Drive Encryption?
  2. How To Enable BitLocker.

What Is BitLocker Drive Encryption?

BitLocker is a drive encryption software from Microsoft. When enabled, it’ll encrypt the contents of your computer hard drive, all your files (documents, pictures etc).

It works automatically, encrypting your drive whenever you shutdown your PC, and un-encrypting the drive when you start your computer up.

Is BitLocker Free?

Yes it’s free and is already installed on the Pro versions of both Windows 10 & Windows 11.

However it isn’t available for the Home versions of Windows. It’s one of the extras that you’re paying for when you buy a computer with Windows Pro rather than Windows Home.

How To Check If BitLocker Is Enabled?

The easiest way to check if your hard drive is encrypted is to search for it from the Start menu.

Click the Start button and then type “bitlocker”. Click on Manage BitLocker (Control Panel).

If you don’t see Manage BitLocker Control Panel at the top of the search panel, then you probably have a Home version of Windows and it isn’t available.

Searching for BitLocker from the Windows Start menu.

BitLocker Drive Encryption Screen

On the BitLocker Drive Encryption screen, you’ll see whether or not BitLocker is enabled on your computer.

BitLocker Drive Encryption is turned off.

How To Save BitLocker Encryption Keys.

If BitLocker is enabled on your computer, then it’s vitally important that you backup the recovery key.

To save the recovery keyclick on Back Up Your Recovery Key. You’ll have the option to save it to your Microsoft account (if you have one), to a file on a USB drive or to print the recovery key (assuming you’ve got a printer).

If you use the MS account option, be sure that you know your log in credentials. You’ll need to know the password (the PIN won’t work) and have access to any 2FA device that you might be using.

Personally, I’d recommend saving to a USB drive AND printing if you have that option.

Recovery key backup link is highlighted.

How To Turn BitLocker Drive Encryption Off.

If BitLocker is on, then all your files and possibly your entire hard drive are currently encrypted. That’s not always a good thing, it really depends on you and how you use your computer.

You do have the option to turn BitLocker off. But be aware that it take a long time to decrypt your files. It all depends on the speed of your hard drive and how much data is encrypted.

How To Enable BitLocker.

Open the BitLocker Drive Encryption screen by clicking the Start button and typing “bitlocker“. Click on Manage BitLocker (Control Panel).

On the BitLocker screen, click Turn BitLocker On.

Enable BitLocker

How Do You Want To Backup Your Recovery Key?

You’ll need to have a recovery key if something goes wrong later on. So it’s very important that you backup the recovery key.

You’ll have 3 choices –

  1. Save to your Microsoft account – This is the easiest to do since you’re probably logged in with your MS account anyway. But be careful, if you find that you’re locked out of your MS account at some point, you might not be able to access the recovery key.
  2. Save to file – You can save a simply text file with the recovery key included in it. However the file needs to be saved on to another drive. You can’t just save it to your desktop (for example). A USB drive would be perfect for the job, but do be sure that it works properly.
  3. Print the recovery key – If you have a printer, perfect.

Select one of the options and then follow the onscreen instructions.

Options to save BitLocker recovery key.

How Much Of Your Drive To Encrypt?

BitLocker can encrypt just the files and folders that are present on the hard or encrypt the entire drive regardless of whether it holds any data or not.

If you’re setting up a new PC, or maybe you’ve recently changed the hard drive, then it’s pretty safe to choose the first option “Encrypt used space only”.

On the other hand, if the computer has been used over any length of time, then you’ve probably got old deleted files spread across the hard drive. Those files may or may not be sensitive files, but it’s probably safer to simply encrypt the entire drive.

Which Encryption Mode To Use?

This is important because you might need to mount the hard drive in another computer in order to rescue your files from it. Which is why Microsoft give the choice of using the New Mode or a Compatible Mode.

Both Windows 10 & Windows 11 use the New Encryption Mode. Generally this would be the option to choose.

The only reason for selecting Compatible Mode is if you might be mounting the drive in an older PC that runs on an earlier version of Windows.

Run BitLocker System Check.

In my opinion you should definitely select Run BitLocker System Check.

What this will do is to restart your computer and check that BitLocker can access the encryption keys that are stored in the TPM (Trusted Platform Module).

If there’s any sort of an issue, or problem with the TPM, it’s much better to find out now, before any data has been encrypted.

Run system check has been selected.

If all goes well you’re computer will restart and you’ll see a notification that encryption has started.

Encryption is in progress notification highlighted.

Summary.

When you check you’re BitLocker status, if it’s already enabled, do make time to backup the recovery keys. Save them somewhere that you can get.

If you intend to turn it on, then the same goes, save those recovery keys.

More Easy Computer Guides.

Scroll to Top