Don’t know how to Turn On or and Turn Off BitLocker Drive Encryption on Windows 11? Don’t Worry! In this Guide, I will tell you everything you need to know about BitLocker Drive Encryption and How to Enable or Disable BitLocker in Windows 11.
BitLocker is an encryption feature that can be used to encrypt your hard disc in order to protect your data from unauthorized access, prying eyes or theft. It is a native security feature included in most versions of Windows PCs, including Windows 11 Pro, Education, and Enterprise editions, but not the Home edition.
A BitLocker-encrypted drive can only be unlocked or decrypted with a BitLocker password or the BitLocker Recovery Key once it has been encrypted. Even if the machine has been stolen or the hard disc has been seized, anyone without proper authentication will be denied access. It encrypts data in the full drive or only the used area of the drive using the Advanced Encryption Standard (AES) encryption technique with 128-bit or 256-bit keys.
Types Of BitLocker Encryption
In Windows 11, you can use two types of BitLocker encryption:
1. BitLocker Drive Encryption
This method of encryption is used to encrypt fixed hard drives (internal hard discs), including operating system drives. If you used Bitlocker to encrypt your operating system drive, the boot loader will prompt you to enter your Bitlocker password or Bitlocker key when you boot. BitLocker decrypts the drive and loads Windows only after you enter the correct encryption key or password.
2. BitLocker To Go
External drives, such as USB flash drives and external hard drives, can be encrypted using this method. When you connect the drive to a computer, you must enter the password or recovery key to unlock it. Drives encrypted with BitLocker To Go, unlike the previous method, can be unlocked on any other Windows or macOS computer as long as the user has the password or recovery key.
System Requirements to Enable BitLocker in Windows 11
To use BitLocker in Windows 11, you will need:
- Windows 11 Pro, Education, or Enterprise edition. BitLocker is also available in Windows 7, 8, 8.1, and 10 versions.
- U must have a Trusted Platform Module chip (TPM) with support for Modern Standby on your PC. For Windows 11, TPM version 2.0 must be enabled in UEFI/BIOS Boot mode.
- However, software-based encryption can also be used to enable BitLocker without the use of a TPM.
- The computer should have motherboard firmware in UEFI mode.
- BitLocker requires at least 2 partitions: a system partition and an operating system partition. A system partition must be at least 100 MB in size and contain all of the files required to run Windows. The real Windows installation files are located on the operating system partition. If those two partitions do not exist on your machine, BitLocker will create them for you. The NTFS file system must also be used to format the operating system partition.
- You should be logged in as an administrator.
TPM and a valid Windows edition (Pro, Education, or Enterprise) are the two most significant requirements. The rest of these requirements are likely to be met by the majority of PCs.
How to Check If Your PC Has TPM
The TPM Management tool, Windows Security App, Command prompt, System Manager, and BIOS are all options for checking whether your PC has TPM compatibility for BitLocker or Not.
The TPM Management Tool, which is built into Windows OS, is the simplest way to check whether your PC has TPM. Let’s find out …
- Press the Windows+R key to open the Run dialog window.
- Now, type tpm.msc into it and click Ok or press Enter.
- Here, you can see if TPM is installed on your computer including the TPM version. If TPM is installed on your computer you would see the ‘The TPM is ready for use’ message under the Status section.
- If the TPM is not available or disabled on your PC, you would see a “Compatible TPM cannot be found” message on the screen.
Enable BitLocker Drive Encryption in Windows 11
On Windows 11, you can enable BitLocker through the Settings app, Control Panel, File Explorer, or PowerShell and Command Prompt. Before we begin, make sure you’re logged in as an administrator on your Windows 11 PC.
Turn On BitLocker in Windows 11 Via the Settings App
- Press Windows + I key to go to the Settings.
- Now go to the System tab and select the ‘Storage’ option on the right pane.
- Scroll down to the bottom and click the ‘Advanced storage settings’ option under Storage management.
- In here, select ‘Disk & volumes’.
- Here, all the disks and drives (volumes) on your computer are listed. Now, select the drive that you want to Encrypt or Lock and click ‘Properties’.
- On the selected volume page, Scroll down and click ‘Turn on BitLocker’ under the BitLocker section.
- This will take you to the BitLocker Drive Encryption control panel where you can set up, manage, and turn off BitLocker.
- Now, just choose the drive you want to encrypt from the list of drives (operating system drives, fixed drives, or removable drives) and click the ‘Turn on BitLocker’ link next to that drive.
- Then, wait until BitLocker initializes the selected drive.
- When the BitLocker Drive Encryption wizard opens, choose your preferred unlock option and click Next. You need to choose if you want to unlock this drive with a password or a smart card:
- Use a password to unlock the drive: The password must be a combination of uppercase and lowercase letters, numbers, spaces, and symbols.
- Use my smart card to unlock this drive: A smart card can also be used to unlock BitLocker-protected data drives on your computer. If you choose this unlock option, you must insert your smart card into the computer in order to encrypt the drive. Every time you need to authenticate your identity, you will need to enter your smart card PIN and use a smart card.
- For now, we’ll go with Password One. So select the password option, enter and reenter your password and click Next.
- Next, U should choose how you want to back up your recovery key. In case you forgot your password or lost your smart card, you can always use your recovery key to unlock the encrypted drive. You can choose any of the recovery options.
- To select an option, just click on it: For now, We will go with the option Save to a USB flash drive.
- Once your recovery key is backed up or saved, you’ll see a message at the top as shown below. Then, click Next.
- The following window will ask you how much drive space you want to encrypt:
- Encrypt used disk space only (faster and best for new PCs and drives) – This option will only encrypt the space currently occupied by data on the hard drive, leaving the rest of the free space unencrypted. This option is faster and best if you’re installing BitLocker on a new PC or drive.
- Encrypt the entire drive (slower but best for PCs and drives already in use) – This will encrypt the entire drive, including free space, and will take longer to finish. If you’re encrypting a drive that’s been in use for a while and don’t want anyone recovering deleted files, this is the best option.
Whatever option you select, BitLocker will automatically encrypt new data as it is added to the encrypted drive. Select the appropriate option and press the Next button.
- Next, choose the encryption mode you want to use and click Next.
- Finally, click the ‘Start Encrypting’ button to start the encryption process.
- The drive will begin encrypting when you complete the procedures above.
- The encryption process might take a while. Once it’s done, you’ll see an Encryption complete message.
- That’s it. This is how your Encrypted Drive will look.
Turn On BitLocker in Windows 11 Using Control Panel
- Open the Windows Start menu and search for ‘Control Panel’ and then click Open.
- In the Control Panel, click the System and Security category.
- Then, click on the ‘BitLocker Drive Encryption’ setting.
- Then continue enabling the BitLocker as the above-mentioned process.
Moreover, there are also many other ways to Enable BitLocker Drive Encryption in Windows 11.
Turn Off BitLocker On Windows 11
BitLocker is easier and faster to turn off/disable than it is to turn it on. You may quickly disable BitLocker if you no longer require it. The data on the drive will not be deleted or modified as a result of this action. However, before you disable BitLocker, you must first unlock the encrypted drive as described in the preceding section.
- Press Windows + I key to open Settings.
- Go to the ‘System’ tab and select the ‘Storage’ option on the right pane.
- Scroll down to the bottom and click the Advanced storage settings option under Storage management.
- Now, select ‘Disk & volumes’.
- Here, select the encrypted volume that you want to decrypt and click ‘Properties’. If a drive is encrypted, you will see ‘BitLocker Encrypted’ status under the drive name as shown below.
- On the selected volume page, click ‘Turn off BitLocker’ under the BitLocker section.
- Now, just select the drive you want to decrypt and click the ‘Turn off BitLocker’ setting link.
- If you are prompt, click ‘Turn off BitLocker’ again. BitLocker may prompt you to enter unlock password before the feature is disabled.
That’s it. So, this was all the important information regarding BitLocker Drive Encryption, and the methods to Enable or Disable BitLocker Drive Encryption in Windows 11. I hope you found this post beneficial. Thanks.
You May Also Like