Today we are talking about Bitlocker the free built-in Windows encryption tool. How it works and how to enable it on your system.

Windows encryption tool
Windows encryption tool

Starting with Windows Vista, Microsoft included Bitlocker for the Pro and Enterprise versions of its operating system. Bitlocker is Microsoft’s solution to drive encryption that is easy to use and just as easy to manage. As the vast majority of users have a Home version of Microsoft Windows 10, access to Bitlocker is restricted by a paywall or OS version upgrade. There is still an alternative in the form of a Windows encryption tool for Home edition that is more rudimentary but more on that later.

How Does Bitlocker Work?

Bitlocker can be used on any computer using Windows 10 Pro or Enterprise. To use it to encrypt entire drives, a TPM chip needs to be present on the motherboard of the computer. The TPM chip or Trusted Platform Module allows for authentication checks on installed hardware, being capable of detecting unauthorized changes. Bitlocker requires access to TPM but it is possible to use Bitlocker without it by editing the Group Policy.

The way Bitlocker works are straight forward. It encrypts entire drives or partitions. It cannot encrypt just folders. Once encrypted, access to the files is only possible with a PIN code or the recovery key which is stored into a file during the setup.

Enabling Bitlocker onto a Drive or Partition

In Windows 10, encrypting an entire drive or partition is very simple.

  • Go to the search bar and type Bitlocker. The search results should list “Manage Bitlocker” as one of the options. Click “Manage Bitlocker”
  • A new window will appear in the form of a wizard. Click on “Turn on Bitlocker”.
  • Bitlocker will check your system configuration to determine if it is compatible. If you have TPM on your system and it is enabled, it will ask for access to it.
  • You will then be prompted to select the drive or partition that you wish to encrypt. Select the drive and click Next.
  • Bitlocker will ask you to set a password or PIN for the encrypted drive. If this is the drive you have Windows 10 installed on, you will be requested to enter the password every time you start your computer.
  • Once the password is set, Bitlocker will ask you to save a recovery key. The recovery key is saved in the form of a file and it is recommended to store it onto a secure flash drive. It can also be printed or written down by hand.
  • You will be asked to choose if you want to encrypt only the files on the drive, without the free space or the entire drive. Choose the appropriate option.
  • Bitlocker will start encrypting the drive. It will take a while. Once done, restart your computer to finish the process.

Bitlocker encryption tool

Bitlocker is just as secure as any other encryption tool. The Windows encryption tool is quite minimalistic in terms of management and configuration options which makes it a viable choice for the ones that may not be tech-savvy or do not wish to pay for a third-party encryption solution. Windows 10 Home edition does not have Bitlocker but it does have “device encryption” which does almost the same thing. However, the Windows encryption tool in Home edition is less secure since it does not require a password. It only protects your data in the sense that it prohibits access to your files if the hard drive or SSD is used on a different computer.