Protecting your personal data is more important than ever. Whether it’s family photos or sensitive financial documents, Microsoft BitLocker is one of the most powerful tools built into Windows to keep your files safe from hackers and thieves.
In this step-by-step guide, I’ll explain exactly how to use BitLocker, how to find your BitLocker recovery key, and what to do if your computer doesn’t support it.
What is BitLocker Drive Encryption?
BitLocker is a “full-volume” encryption feature. Unlike a simple password on a folder, BitLocker scrambles your entire hard drive. If someone steals your laptop, they cannot simply remove the drive and read it on another computer—the data will look like gibberish without the unique encryption key.
BitLocker vs. Device Encryption: Which do you have?
Many users ask: “Can I use BitLocker on Windows Home?”
- BitLocker Drive Encryption: Is available for free on Windows 10/11 Pro, Enterprise, and Education editions. It offers full control and also you can use BitLocker To Go to encrypt USB sticks.
- Device Encryption: Available on Windows Home editions. It uses the same technology but is more automated. If you don’t see “Manage BitLocker” in your settings, look for “Device Encryption” instead.
How to Enable BitLocker on Windows 11 and 10
Follow these steps to secure your drive. Note that while enabling BitLocker doesn’t take long, the actual encryption of a hard disk can take much longer. If you’re doing this on a laptop, make sure you’re plugged in to a wall socket.
- Search for BitLocker: Click the Start button and then type “manage bitlocker“. Click Manage BitLocker (Control Panel) at the top of the search results.
- Turn it on: In the Control Panel window, find your Operating System Drive (usually C:) and click Turn on BitLocker.
- Save Your Recovery Key (CRITICAL): Windows will ask how you want to back up your 48-digit recovery key. Do not skip this. It’s the only way to get your data if something goes wrong. Remember that all your files and folders are going to be encrypted so you need a “backdoor” to get back in to your PC.
Save to Microsoft Account: (Recommended) Best for most home users. Since most people sign in to their MS account when starting the computer, the recovery key can be safely saved into that account. Just ensure that you can access your account from a different device if you need to.
Print it: Keep a physical copy in a safe place. Old school but if you have a printer why not?
Save to a File: Save it to a USB drive (not the drive you are encrypting!). You should use a good quality removable drive, not something that’ll let you down when you need it.
Choosing Your Encryption Settings
After backing up your recovery key you’ll be asked to choose what to encrypt and which encryption mode to use.
Used Space vs. Entire Drive
- New PC? Choose “Encrypt used disk space only.” It’s much faster. All the data currently on the drive will be encrypted. New data will be encrypted as it’s added.
- Old PC? Choose “Encrypt entire drive.” This ensures that even “deleted” files that might still be on the disk are unreadable. It can take a long time, especially if you’re using a HDD rather than an SSD.
New Encryption Mode vs. Compatible Mode
The New Encryption Mode is only readable by Windows 10 or later. For a system drive this is probably the one that you want.
Compatible Mode is an older encryption technology that’s readable by older versions of Windows. For a system drive you’re unlikely to need to use this mode.
Run BitLocker System Check
Are you ready to encrypt this device? Before starting the encryption process BitLocker will give you the option of running a system check to make sure that it can read the TPM (Trusted Platform Module). It’s the TPM that supplies the unlock key every time you start your computer.
Select to run the system check and click Continue. You’ll need to restart your PC.
Assuming everything goes well you’ll see a notification popup in the lower right corner informing you that encryption has started.
Common BitLocker Issues
“This device cannot use a Trusted Platform Module“
If you see this error, either your computer doesn’t have a TPM or your TPM chip might be disabled in the BIOS.
The Fix: Restart your PC, enter the UEFI/BIOS settings, and look for “Security” or “PTM/fTPM.” Ensure it is set to Enabled.
Stuck in a BitLocker Recovery Loop?
Sometimes, a Windows Update or hardware change triggers the BitLocker recovery screen every time you boot.
The Quick Fix: Enter your 48-digit key to get into Windows. Once in, go to Manage BitLocker, click Suspend Protection, and then Resume Protection. This usually “refreshes” the link between BitLocker and your hardware.
FAQs
Where is my BitLocker recovery key?
If you saved it to your Microsoft account, go to https://account.microsoft.com/devices/recoverykey from any device. You’ll probably need your Microsoft password to get in.
Does BitLocker slow down my computer?
On modern PCs with SSDs, the speed difference is unnoticeable (usually less than 1%). The peace of mind is worth the tiny trade-off.
Can I encrypt a USB stick?
Yes! This is called BitLocker To Go. Right-click any USB drive in File Explorer and select Turn on BitLocker. You can then protect it with a password.
What happens if I lose my recovery key?
Warning: If you lose your key and the drive locks, your data is gone. Microsoft cannot reset it for you. Always have at least two backups (Digital and Paper).
Related Posts
How to Enable BitLocker Without TPM (Windows 10 & 11)
A not uncommon issue with older computers is that of a compatible TPM. Easy fix.
Latest Easy Computer Guides
