Your Guide to Using BitLocker Encryption on Windows 10
If you have sensitive data on your computer, you’ll want to ensure that it stays secure by encrypting the drive. Here’s how to use BitLocker for just that.
Troubleshooting BitLocker Setup
If you receive the following error when trying to set up BitLocker, it likely means your computer does not support the Trusted Platform Module (1.2) chip.
You can work around the error by launching Group Policy then make an exception. Press Windows key+R then type: gpedit.msc then hit Enter on your keyboard. Expand Administrative Templates then Windows Components then Bitlocker Drive Encryption then click Operating System Drives.
Right-click Require additional authentication at startup then click Edit.
Choose Enabled and then check the box to allow BitLocker without Compatible TPM in the Options section.
For more on this workaround, read our article: How to Enable BitLocker On PCs Without TPM.
Confirm the Changes
Click Start then type: gpforce.exe /update to ensure the changes are applied. I would also recommend you restart your computer after executing this command.
BitLocker might not be for everyone, but for people who work in environments with sensitive data that you travel with, it is recommended. I recommend you invest in a dedicated thumb drive to store your recovery key and also keep a printed copy of the 48 character key just in case you lose either. Also, make sure you create a thorough backup before starting this process. You can never have too many backups of the backup.
Remember that you can encrypt flash and SD drives, too. For more on that read our article: How to Encrypt a USB Flash Drive or SD Card with BitLocker to Go.
9 Comments
Leave a Reply
Leave a Reply
Tom
please would you have a tip how to solve issue with device manufacturer recovery partition? (Lenovo windows recovery partition)
Bitlocker is telling me that I have to manually move this partition but I dont know what it means and what will be the consequences.
Thank you
Gordon Murison
Tom, I just updated my desktop pc to build 1607 clean install. I had a drive bitlocker encrypted. I only reconnect the drive after windows is installed. The drive no longer shows up and I need to go into to disk management to intialize, but when I do windows wants to format the drive, its full of data I can’t replace.
Thanks
Me
Same issue. Plz help
Andre Da Costa
You should always disable encryption before upgrading your operating system on all drives.
Pascal Hubert
Hi,
If you are using XTS-AES encryption algorithm you’ll cannot use hardware encryption with hdd or ssd like Samsung pro or Intel 5×0 series because they recognize only AES and not XTS-AES encryption.
I’m testing this since 2 days with an Intel 530 series!
no luck!
Best regards.
Matt
Hi,
Just purchased in the UK a new HP Envy13 aq0000na (2019) with Windows Home (v.10.0.18362) and recognised that for me Bitlocker was actually turned on for the C drive by default.
Best,
M.
diskman
For full disk encryption you need TPM!
Carlos Giraldo
I think he meant gpupdate /force lol
Dave Bee
Probably need to change that to GPUpdate.exe /force. There are no choices in Windows 10 for encryption options, I have not checked to see what it’s using but there’s no gp policy/folder. A TPM is not required for fake windows 11 they’re redoing the validator, it’s a work in progress. Follow this guide to enable Bitlocker and set Windows Updates for the fast releases and you’ll get it.