Friday 13 January 2023

What is BitLocker, and how do we enable it in windows


BitLocker is a form of encryption for data protection and is integrated into the operating system. Created in 2004 as a feature codenamed "Cornerstone" and designed to protect device information, especially in the event of loss or theft, another feature called "Code Integrity Rooting" was designed to validate boot file integrity. and Microsoft Windows system. When used in conjunction with (TPM), it can validate boot and system file integrity before decrypting a protected disk.

TPM is an add-on that is now installed on all newer computers. It works in conjunction with BitLocker and can help protect a computer's data and ensure that the computer is not compromised while offline. However, even on computers that do not have TPM version 1.2 or later, you can use BitLocker to encrypt the drive of the Windows operating system.

However, this mode will require the user to insert a bootable USB key to start the computer or resume from hibernation. In addition to TPM, BitLocker offers the option of locking out the normal boot process until the user provides a personal identification number (PIN) or inserts a removable device, such as a USB flash drive, that contains a boot key. 

These additional security measures provide multi-factor authentication and assurance that the computer will not start or resume from hibernation until the correct PIN or power-on key is displayed.

To use BitLocker you will need to run some of the following versions of your computer: Windows 11 Pro, Education or Enterprise or Windows 7, 8, 8.1 and 10. For Windows 11, TPM 2.0 must be running UEFI / BIOS boot. BitLocker can be used on devices without TPM, but you will need to save a boot key to a removable device, such as a USB flash drive. 

Before the encryption process starts, you will be asked if you want to encrypt only the used disk space or the entire drive. On a computer that has just installed Windows, it is recommended that you encrypt only the used disk space. 

If you copy the encrypted files to another computer, they will be decrypted automatically. Finally, if you disable BitLocker then all the files on the drive will be decrypted. Also, decryption can take a long time to complete depending on the size of your storage space.



In windows 11, type BitLocker in the search field, and select the disk you want to encrypt by clicking enable  bitlocker.


Wait a while and put a password in the window you see, however make sure it is not easily predictable.


Choose one of the three ways you see. My opinion is to choose the latter if you are going to encrypt an external USB drive etc. That is, save the security file with the encryption key somewhere. However, if you choose to encrypt the boot disk where windows is located, select the first one.

Choose whether to encrypt all or part of the site.


If you want to encrypt a removable USB drive etc. click on the second option, in any other case select the first one.



Now press the button to start encryption. (NOTE: If you think you haven't done something right, click on cancel to cancel the whole process). As you can see the utility of the application is obvious, since no one will be able to see or hack your data if they don't have the password or the key. In the event that you choose to encrypt the system disk, you must know that there must necessarily be enough free space on your disk so that a new recovery disk can be created.

From there on after this stage is complete you will be asked to restart your computer. Reboot and enter your password when prompted. 

Although the process is completely safe, before starting it be sure to back up your computer especially if you are going to encrypt the boot disk where windows are installed.

See it in the video

Follow us on Google News

TAGS: step by step

No comments:

Post a comment

We will be very happy for you to actively participate and comment on our topic. Alternatively, you can send your message through our Facebook page. I will try to answer your questions as soon as possible.

AdBlock Detected!

It looks like you are using an ad blocker. However, you can very easily add us to your opt-out whitelist