Question

BitLocker on Windows 10: Encrypt your hard drive correctly

Answer 1

How to check if your device has a TPM chip
1st step:
2nd step:
Allow BitLocker without a compatible TPM
1st step:
2nd step:
3rd step:
4th step:
5th step:
How to enable BitLocker on Windows 10
1st step:
2nd step:
3rd step:
4th step:
5th step:
6th step:
7th step:
8th step:
9th step:
Quick start guide: Allow BitLocker without a compatible TPM
Quick start guide: How to enable BitLocker on Windows 10

---

If you want to protect your device and your data from unauthorized persons, BitLocker offers an encryption solution..

If you store sensitive information on your computer, it is important that you take the necessary steps to protect your information. This is especially true for devices in mobile use, such as laptops or tablets. It can always happen that your private data falls into the wrong hands, for example if you lose your device or it is stolen. It is for this very reason that you should encrypt your mobile media as well as your computer. The BitLocker program is integrated in Windows 10 Pro and Windows 10 Enterprise, which takes exactly this process for you with ease. In our article, we will first show you the basic requirements for using BitLocker. To do this, your PC must be equipped with a TPM chip in the mainboard or you have to activate BitLocker without TPM.Our instructions are therefore divided into three steps so that encryption with BitLocker is guaranteed to work under Windows 10.

• How to check if your device has a TPM chip
• Allow BitLocker without a compatible TPM
• How to enable BitLocker on Windows 10

Note: Even though BitLocker is an integrated feature of Windows 10 Pro and Enterprise, you should make a full backup of your system before encryption, in order to return to the status quo in the event of possible complications.

How to check if your device has a TPM chip

1st step:

Press [Windows] + [X] and select the " Device Manager ".

2nd step:

Look for " security devices ". If the mainboard of your computer is equipped with a TPM chip, you will find the corresponding entry for the TPM chip here (here: Trusted Platform Module 2.0). The next step of activating Bitlocker without TPM is superfluous for you and you can continue reading for your hard drive when activating Bitlocker under Windows . If you cannot find this entry, continue with the next instruction.

Allow BitLocker without a compatible TPM

Follow our step-by-step instructions or take a look at the brief instructions ..

1st step:

Press [Windows] + [R] , enter " gpedit.msc " in the Run dialog and click " OK " to open the Local Group Policy Editor.

2nd step:

Here you first expand the " Administrative Templates " folder and then the " Windows Components " folder .

3rd step:

Under the Windows components, again expand the " BitLocker Drive Encryption " folder and click on " Operating System Drives ".

4th step:

Under the entries for the operating system drives, double-click on the entry " Request additional authentication at startup ".

5th step:

Select the " Enabled " option and ensure that the " Allow BitLocker without a compatible TPM [...] " check box is selected. Confirm the setting by clicking on " Apply " and then on " OK ".

How to enable BitLocker on Windows 10

Follow our step-by-step instructions or take a look at the brief instructions .

1st step:

Enter " BitLocker " in the Cortana or Windows search box in the lower left corner and open the option " Manage BitLocker ".

2nd step:

The " BitLocker Drive Encryption " window opens . Select the " Enable BitLocker " option next to the drive you want to encrypt. Here we choose the Windows partition (C :) .

3rd step:

In the starting setup of BitLocker Drive Encryption, click on " Next " in the three subsequent dialogs . In the second dialog window you also have the option to create a backup again (see note). Your computer will now be checked briefly and the drive prepared. If the drive has been successfully prepared, you will see the green tick. Click on " Next " again. A restart may be required.

Warning: This step can be optional if your drive does not require preparation. So don't be surprised if you don't see the windows mentioned.

4th step:

After the verification is complete, you will be asked how to unlock the drive on startup. For the purpose of this guide, we will select the " Enter Password " option .

5th step:

Please enter a strong password . This password is now requested every time you start Windows 10. Click " Next " to continue.

6th step:

You then have four options for how you want to back up the recovery key. If you forget your password, this will give you access to your data again. In these instructions we select " Save to USB memory stick ". Of course, if you trust the cloud, you can also choose "Save to Microsoft Account". The other two options are also legitimate. Click on " Next " again to continue .

7th step:

In this step, choose between the two encryption options. Here we do not give you any specifications, but you can decide according to your own preference. Note, however, that the " Encrypt entire drive " option is much slower.

8th step:

Also read the instructions carefully in the next dialog window and choose one of the two options that applies to your case. Click on " Next ".

9th step:

In the last step, click " Next " to confirm that you want to encrypt the drive now. The computer will then BitLocker restarted . You have successfully encrypted your drive and will be asked for your password when you restart.

Note: Some computers always assume an English keyboard layout when restarting, so you will unknowingly enter your password incorrectly. You can read more about this in a c't article..

Quick start guide: Allow BitLocker without a compatible TPM

1. Press [Windows] + [R] and enter " gpedit.msc ", confirm with " OK ".
2. Click Administrative Templates > Windows Components > BitLocker Drive Encryption > Operating System Drives .
3. Double click on the entry " Request additional authentication at startup ".
4. Select the " Enabled " option and check that the " Allow BitLocker without compatible TPM [...] " checkbox is activated. Finally press " Apply " and " OK ".

Quick start guide: How to enable BitLocker on Windows 10

1. Enter " BitLocker " in the Windows search box and open the option " Manage BitLocker ".
2. Click Activate BitLocker .
3. Continue with " Next " in the next dialogs . A restart may be required.
4. Choose your preferred method of how you want the drive to be unlocked on startup.
5. Create a strong password and click Next .
6. Select a location for the recovery key.
7. Now you decide how much storage space should be encrypted.
8. Select the encryption mode . For a hard disk drive> " New encryption mode ".
9. Enable the " BitLocker System Check ". Complete the process with " Next ". Your computer will then restart with an encrypted drive.

---