This post shows students and new users how to turn on or enable BitLocker to drive encryption when using Windows 11 to protect their sensitive files and data.
BitLocker helps protect your computer data so only authorized users can access it. Access will be denied if someone tries to access your BitLocker-enabled computer without authentication.
One of the main reasons to turn on BitLocker in Windows 11 is to protect sensitive data from unauthorized access in case your device is lost or stolen. BitLocker is a built-in encryption tool that encrypts the entire drive where your data resides to safeguard your files and folders from prying eyes.
This way, even if someone gains physical access to your computer, they won’t be able to read your files without the appropriate authentication. BitLocker can also help protect your data from malware attacks by preventing unauthorized changes to your system files.
Note that BitLocker isn’t available on Windows 11 Home Edition.
Turn on the Device Encryption
If you’re not currently signed in as an administrator, sign in to Windows with an administrator account (you may have to sign out and back in to switch accounts).
Also, a Trusted Platform Module (TPM) chip is now required to use BitLocker drive encryption. Without a TPM chip in your computer, you may be unable to use BitLocker without a workaround.
If your computer has a TPM chip, continue with the steps below. If your PC doesn’t have a TPM, continue below. We’ll show you a workaround to get BitLocker installed for you.
Windows 11 has a centralized location for the majority of its settings. Everything can be done, from system configurations to creating new users and updating Windows from its System Settings pane.
To get to System Settings, you can use the Windows key + I shortcut or click on Start ==> Settings, as shown in the image below:
Alternatively, you can use the search box on the taskbar to search for Settings. Then select to open it.
In Windows Settings, click Privacy & Security, then select Drive encryption on the right pane of your screen, as shown in the image below.
If you see the message “Device encryption isn’t available for this device,” then the TPM chip isn’t available for your device, and you won’t be able to use BitLocker without a workaround we’ll show you below.
If you do not see the highlighted message above, simply click the BitLocker drive encryption link in the image above to encrypt your drive.
Use Standard Encryption
If your computer isn’t compatible with Windows device encryption, you may be able to use standard BitLocker encryption.
Since TPM is required in Windows 11, use this workaround to get around that requirement.
Click on Start, begin typing Run, or use Windows search and search for Run. Then open the Run app.
When the Run app opens, type the command below in the box and press Enter.
gpedit.msc
When the Group Policy Editor opens, navigate to the path below:
Local Computer Policy > Computer Configuration > Administrative Templates > Windows Components > BitLocker Drive Encryption > Operating System Drives
Then open the open setting “Require additional authentication at startup” highlighted.
Then select the box next to Enabled to enable and check the box to Allow BitLocker without compatible TPM (requires a password or a startup key on a USB flash drive).
Exit, and you’re ready to use BitLocker without the TPM module.
Now continue where we left above, and go to System Settings –> Privacy & Security –> Drive encryption.
On the Drive encryption settings page, click on BitLocker drive encryption.
Next, click the link to Turn on BitLocker, as highlighted in the image below.
If you don’t have a TPM module, you’ll be prompted to insert a USB flash drive or enter a password each time you boot up the computer.
Insert and select the drive to save the key and continue.
You’ll also be asked to save a recovered key somewhere. This recovery key is important for restoring your machine, so print and save it online or somewhere secure.
Finally, encrypt the entire drive.
Complete the wizard, and you’re done.
When your PC boots, enter the password or insert the USB flash drive you provided. If you can’t give the password or USB drive, BitLocker won’t be able to encrypt your drive, and you won’t be able to boot into your Windows system and access your files.
Note: It isn’t available on Windows 10 Home Edition.
Conclusion:
- BitLocker is an essential tool for protecting sensitive data on your Windows 11 device.
- Enabling BitLocker ensures that only authorized users can access your files, safeguarding against unauthorized access.
- For devices without a TPM chip, a workaround is available to still utilize BitLocker encryption securely.
- It’s important to create and securely store recovery keys to avoid losing access to your data.
- Following the steps above will help you effectively set up BitLocker and enhance your data security on Windows 11.
Leave a Reply