Your Guide to Using BitLocker Encryption on Windows 10

If you have sensitive data on your computer, you’ll want to ensure that it stays secure by encrypting the drive. Here’s how to use BitLocker for just that.

Troubleshooting BitLocker Setup

If you receive the following error when trying to set up BitLocker, it likely means your computer does not support the Trusted Platform Module (1.2) chip.

TPM Error

You can work around the error by launching Group Policy then make an exception. Press Windows key+R then type: gpedit.msc then hit Enter on your keyboard. Expand Administrative Templates then Windows Components then Bitlocker Drive Encryption then click Operating System Drives.


Right-click Require additional authentication at startup then click Edit.

 Workaround BitLocker 3

Choose Enabled and then check the box to allow BitLocker without Compatible TPM in the Options section.

 Workaround BitLocker 4

For more on this workaround, read our article: How to Enable BitLocker On PCs Without TPM.

Confirm the Changes

Click Start then type: gpforce.exe /update to ensure the changes are applied. I would also recommend you restart your computer after executing this command.

update policy

BitLocker might not be for everyone, but for people who work in environments with sensitive data that you travel with, it is recommended. I recommend you invest in a dedicated thumb drive to store your recovery key and also keep a printed copy of the 48 character key just in case you lose either. Also, make sure you create a thorough backup before starting this process. You can never have too many backups of the backup.

Remember that you can encrypt flash and SD drives, too. For more on that read our article: How to Encrypt a USB Flash Drive or SD Card with BitLocker to Go.

Pages: 1 2



  1. Tom

    please would you have a tip how to solve issue with device manufacturer recovery partition? (Lenovo windows recovery partition)

    Bitlocker is telling me that I have to manually move this partition but I dont know what it means and what will be the consequences.

    Thank you

  2. Gordon Murison

    Tom, I just updated my desktop pc to build 1607 clean install. I had a drive bitlocker encrypted. I only reconnect the drive after windows is installed. The drive no longer shows up and I need to go into to disk management to intialize, but when I do windows wants to format the drive, its full of data I can’t replace.

    • Me

      Same issue. Plz help

    • Andre Da Costa

      You should always disable encryption before upgrading your operating system on all drives.

  3. Pascal Hubert


    If you are using XTS-AES encryption algorithm you’ll cannot use hardware encryption with hdd or ssd like Samsung pro or Intel 5×0 series because they recognize only AES and not XTS-AES encryption.

    I’m testing this since 2 days with an Intel 530 series!

    no luck!

    Best regards.

  4. Matt


    Just purchased in the UK a new HP Envy13 aq0000na (2019) with Windows Home (v.10.0.18362) and recognised that for me Bitlocker was actually turned on for the C drive by default.


  5. diskman

    For full disk encryption you need TPM!

  6. Carlos Giraldo

    I think he meant gpupdate /force lol

  7. Dave Bee

    Probably need to change that to GPUpdate.exe /force. There are no choices in Windows 10 for encryption options, I have not checked to see what it’s using but there’s no gp policy/folder. A TPM is not required for fake windows 11 they’re redoing the validator, it’s a work in progress. Follow this guide to enable Bitlocker and set Windows Updates for the fast releases and you’ll get it.

Leave a Reply

Your email address will not be published. Required fields are marked *


To Top