What is BitLocker and How to Use it in Windows 10

The popularity of cloud storage solutions has been on the rise for obvious reasons including accessibility, affordability and scalability. In fear of cyber-attacks or out of preference, most people still opt to keep their sensitive data offline in a computer or an external storage disk.

The user can safeguard the device with the data to prevent unauthorized access or modifications. However, you may misplace your storage device, your laptop is stolen or you share your PC with a friend. This means that your stored data is not 100% and unauthorized users could still find their way to your information.

This is where BitLocker comes in. Follow this guide to learn more about how to enhance data security using the Windows 10 BitLocker. We have explored everything there is to know including what BitLocker is, how to use it in Windows 10 and much more.

What is BitLocker and Why is it Important?

BitLocker is system-level security feature available in Windows 10 Enterprise and Pro Editions. The tool utilizes special key management techniques and a hardware component called Trusted Platform Module (TPM) to encrypt the entire drive including external drives.

It uses a complex algorithm and strong 256-bit or 128-bit key to encrypt the contents of the whole disk. Thus, only has the correct encryption key to retrieve, read or write data in the encrypted disk. It is an offline data protection and can be helpful in several situations including:

• Encrypting the system drive to prevent unwanted changes to system settings.
• Keep your personal data safe from other users when sharing a computer.
• Prevent unauthorized access to sensitive information in case of stolen or lost computer/ storage disk.
• Can be used as a parental control tool to restrict access to certain sections of the PC storage.
• It can prevent malware and viruses from damaging your files

Getting Started with Windows 10 BitLocker

Using BitLocker in Windows 10 is not hard and you don't need to download and install any extra app as the tool is bundled with the OS. However, you need to ensure that your OS version and hardware supports the feature. Below are a few quick check:

1. Ensure that your PC is running on the Enterprise or the Pro edition of Windows 10. If you bought the computer with the standard edition, you need to upgrade to use BitLocker.
2.  Ensure that TPM is enabled in Bios.
3. Your hard drive should have at least two partitions – the OS and a Secondary drive.
4. Ensure uninterrupted power supply or at least a few hours of battery life, as the encryption may take long to complete.

Checking TPM in Your Windows 10 PC

TPM is a microchip integrated with the PC motherboard, which handles encryptions for advanced hardware security functionalities.

Open the Run utility by pressing "Win + R" keys. Type the following, 'tpm.msc' and click press Enter on your keyboard.

You may need to activate TPM in BIOS Settings.

This will open the TPM management window showing the details about the chip including status and version.

How to Encrypt a Storage Disk with BitLocker

You can use BitLocker to encrypt the System drive (disk with Windows installation), secondary disks on the PC or external disks attached to the computer.

Press the “Win + E” keys to open the File Explorer and select “This PC” on the navigation menu located on the left pane.

Here you will see all the computer disks and other disks connected to your PC.

Right-click the device you want to encrypt and click “Turn on BitLocker”

The BitLocker wizard will open. Tick the first option, use password under “Choose how you want to unlock the drive”.

Enter and confirm a strong password that meets the specified requirements in the spaces provided and click “Next”

On the next wizard page, select one of the options to specify how you want to back up your recovery key and click “Next”

Note: you can use the recovery key to access the protected disk in case you forget the password.

Choose whether to encrypt used disk space or the entire disk and then click “Next”. It is worth noting that even when you encrypt used space, new files will be encrypted as you add them to the disk.

Choose the encryption mode based on the recommendation for the type of drive you are protecting.

To begin the disk encryption, click the “Start encryption” button at the bottom of the wizard and now wait for the process to complete.

Depending on the size of the disk and the encryption mode chosen above, the process can take from minutes to a few hours. Once complete, you will notice a padlock icon attached to the locked drive.

How to Encrypt a Storage Disk with BitLocker

You can use BitLocker to encrypt the System drive (disk with Windows installation), secondary disks on the PC or external disks attached to the computer.

Press the “Win + E” keys to open the File Explorer and select “This PC” on the navigation menu located on the left pane.

Here you will see all the computer disks and other disks connected to your PC.

Right-click the device you want to encrypt and click “Turn on BitLocker”.

The BitLocker wizard will open. Tick the first option, use password under “Choose how you want to unlock the drive”.

Enter and confirm a strong password that meets the specified requirements in the spaces provided and click “Next” <Image: EncryptionMethod.png>.

On the next wizard page, select one of the options to specify how you want to back up your recovery key and click “Next”.

Note: you can use the recovery key to access the protected disk in case you forget the password.

Choose whether to encrypt used disk space or the entire disk and then click “Next”. It is worth noting that even when you encrypt used space, new files will be encrypted as you add them to the disk.

Choose the encryption mode based on the recommendation for the type of drive you are protecting.

To begin the disk encryption, click the “Start encryption” button at the bottom of the wizard and now wait for the process to complete.

Depending on the size of the disk and the encryption mode chosen above, the process can take from minutes to a few hours. Once complete, you will notice a padlock icon attached to the locked drive.

How to Manage BitLocker Disk Encryption in Windows 10

The BitLocker Management Window allows you to tweak the encryptions settings such as changing the password, switching off BitLocker and so on.

Opening the BitLocker Management Panel

Type ‘BitLocker’ in the search box and choose “Manage BitLocker” from the search results.

This will open the BitLocker settings in control panel. Here you will find all the drives on your PC showing the encryption status.

To view the encryption status, click the down-facing arrow next to the device.

To encrypt a drive, click the “Turn on BitLocker” link and follow the procedure described above to complete the process.

How to Open an Encrypted Disk

To open a BitLocker Encrypted drive, click the “Unlock drive” next to the locked volume.

You can also open an encrypted drive by opening “This PC” in File Explorer and double click the drive.

This will open a dialog prompting for the unlock password. Enter the password and click the “Unlock” button.

If you don’t have the password, click “More Options” on the password prompt and change the option to recovery key and enter the key you saved during encryption.

Change/ Reset BitLocker Encryption Password

• Once unlocked, you will be to see more encryption settings.

To change the BitLocker encryption password, click the “Change password” link.

On the resulting popup, enter the old password, type in and confirm the new password then click the “Change password” button to apply the changes.

If you have forgotten your password, click the link to reset a forgotten password and on the resulting window, type and confirm your new password. Click the “Finish” button.

Conclusion

Most people trust keeping their sensitive data remotely either in a computer local disk or an external storage disk. While this keeps the data free from online attacks, it is not fully safe since the computer or the external disk can be stolen or get lost. Therefore, extra security is required to protect the offline data.

Fortunately, Windows 10 users can use BitLocker, an in-built security feature, to encrypt local and external disks preventing unauthorized access to your data. If your PC hardware and OS version supports the tool, you can follow the above guide to enhance your offline data protection.