Windows 10 End of Life/Support

  • 00Days
  • 00Hours
  • 00Minutes
  • 00Seconds
How Can We Help?
< All Topics
Print

HOWTO: Enable and Disable Bitlocker Disk Encryption

PostedFebruary 17, 2025
UpdatedFebruary 23, 2025
ByRob Bailey
0 out of 5 stars
5 Stars 0%
4 Stars 0%
3 Stars 0%
2 Stars 0%
1 Stars 0%

NOTE: DO THIS AT YOUR OWN RISK! IF NOT DONE CORRECTLY, YOUR SYSTEM WILL BE LOCKED OUT

Enable BitLocker

Requirements:

  • A PC running Windows Pro, Enterprise, or Education edition (BitLocker is not available on Windows Home).
  • A Trusted Platform Module (TPM) or a USB flash drive for key storage.
  • Administrator privileges.

Steps to Enable BitLocker:

  1. Open Control Panel

    • Press Win + R, type control, and press Enter.
    • Navigate to System and Security > BitLocker Drive Encryption.

  2. Turn On BitLocker

    • Select the drive you want to encrypt (e.g., C: drive).
    • Click Turn on BitLocker.

  3. Choose How to Unlock the Drive

    • Use TPM (if available) or set a password/PIN.
    • If no TPM is detected, you may need to enable BitLocker without TPM by using Group Policy (gpedit.msc > Computer Configuration > Administrative Templates > Windows Components > BitLocker Drive Encryption > Operating System Drives).

  4. Choose Where to Save the Recovery Key

    • Save it to your Microsoft account, a USB drive, a file, or print it.
    • Important: Keep this key safe in case you forget your password.

  5. Choose Encryption Mode

    • New PCs (Windows 10/11): Choose XTS-AES-256 (New Encryption Mode).
    • For Compatibility with Older Versions: Choose AES-CBC (Compatible Mode).

  6. Start Encryption

    • Click Start Encrypting and wait for the process to complete.
    • Restart your computer if prompted.

Disable BitLocker (Decrypt a Drive)

  1. Open Control Panel

    • Navigate to System and Security > BitLocker Drive Encryption.

  2. Turn Off BitLocker

    • Find the drive you want to decrypt and click Turn off BitLocker.
    • Confirm and wait for the decryption process to finish.

  3. (Optional) Disable BitLocker via Command Prompt

    • Open Command Prompt (Admin) (Win + X > Command Prompt (Admin)).
    • Run the command:
      manage-bde -off C:
    • Replace C: with the appropriate drive letter.

Check BitLocker Status

  • Run the following command in Command Prompt (Admin):
    manage-bde -status
  • Contact Us if you would like to get assistance for this solution.
Was this article helpful?
0 out of 5 stars
5 Stars 0%
4 Stars 0%
3 Stars 0%
2 Stars 0%
1 Stars 0%
5
Please Share Your Feedback
How Can We Improve This Article?
Table of Contents
resized-image-Promo-768x277

#YOURTECHISOURBUSINESS

Our Story

Support

Signup for our Newsletter

Subscribe

* indicates required
We want to keep in touch!

Address

3261 Old Washngton Road

Waldorf, MD 20602

(301)244-0133

©2012-2024 All Rights Reserved. Hosted by Rebnetik Enterprise

0

No products in the cart.