Hard Disk Encryption
      Back to home
      1. INFO CENTER
      2. Hard Disk Encryption

      Windows OS Hard Drive Encryption - BitLocker

      Turning on disk encryption for Windows OS with screenshots

      TEKRiSQ shield

      Before we start, please be aware of the following requirements:

      1. TPM must be version 1.2 and up.
      2. TPM is a physical chip located on your motherboard and does the encryption calculations needed for BitLocker to encrypt:



      3. Sometimes TPM needs to be turned on through the BIOS (if you aren't tech savvy, I wouldn't recommend attempting this on your own):

      If you need to enable Trusted Platform Module (TPM) 2.0 in your bios as a windows 10/11 requirement, please take the following steps:

      1. Restart your PC.

      2. Hold down the F2 key (FN F2 if no dedicated function keys) during boot up to get to the BIOS menu.

      3. Use the arrow keys to navigate to the Security tab.

      4. Find a listing for either TPM, Intel Platform Trust Technology (IPTT), or AMD CPU fTPM.

      5. Toggle to “Enabled”.

      6. Finally, hit F10 to Save and Exit BIOS.

      Note: After following all of the instructions above, TPM 2.0 should be enabled in your system.

        4.   Sometimes you would need to change settings in your "Local Group Policy Editor":


      Set Allow BitLocker without a compatible TPM

      5.  Windows 10/11 Pro Edition is required for the full version of BitLocker.

      6.  Windows 10/11 Home Edition has a light version of BitLocker called "Device Encryption".


      There are various configurations to each computer and each case might be unique, depending on the multiple factors mentioned earlier.

       

      On most newer computers, TPM will be enabled by default and BitLocker will be available to turn on with a few clicks by right-clicking your C:\ drive followed by "Turn on BitLocker" as shown here:

      Another way to get to the BitLocker Control Panel is to search for "Manage Bitlocker", as shown here:

      For full instructions with step-by-step pictures, please click here for the PDF instructions.

       

      At the end of the encryption process, it will ask you what to do with the recovery key, make sure to save the recovery key in a cloud application such as: Box, DropBox, Google Drive, etc.

       

      This recovery key will be needed in the case you will need to decrypt your hard disk and recover the operating system so make sure to keep it handy in the case you won't have access to your computer, you can always rely on another device to access that recovery key.

       

       

      TEKRiSQ+shield