How to set up Bitlocker on Windows 10 and what to do if you cannot set it up

This time, we will explain how to set up BitLocker on Windows 10 and what to do if you cannot set it up.

What exactly is BitLocker? I will also explain the advantages and disadvantages of using BitLocker, so I hope you will find it useful.

How to set up BitLocker, encrypt your PC storage device with BitLocker

BitLocker encryption is very effective in reducing the risk of data leakage on Windows HDDs and SSDs.

This article explains BitLocker as follows.

  • First of all, what is BitLocker?
  • Advantages and disadvantages of using BitLocker
  • How to encrypt your system drive with BitLocker
  • How to encrypt external storage devices such as USB memory with BitLocker

First of all, what is BitLocker?

BitLocker is, simply put, an encryption feature built into Windows.

Encryption protects your data from theft and unauthorized access.

Higher editions of Windows are equipped with this BitLocker.
It is a system that prevents information leakage to third parties by encrypting data on drives, HDDs, SSDs, etc.

There are multiple unlocking methods, including password entry, IC card authentication, TPM, and USB external keys.

Advantages and disadvantages of using BitLocker

The advantage of using BitLocker is that it reduces the risk of data being viewed in the event of media theft.

For example, even if you remove only the HDD or SSD from your PC, you will not be able to unlock it on other PCs. Since it comes standard with Windows, there is no need to search for and use other software, and it is also easy to use.

On the other hand, the disadvantages of BitLocker are that the decryption key required for decryption may be suddenly requested during use, and that backup software may conflict if it is enabled.
I think this is a disadvantage because it has a powerful effect in terms of security. Another disadvantage is that encryption can be disabled by using an account with administrator privileges.

How to encrypt your system drive with BitLocker

Follow the steps below to encrypt your system drive with BitLocker.

[How to encrypt the system drive with BitLocker]

  1. Start Windows 10
  2. Show control panel
  3. Select "System and Security"
  4. Select "BitLocker Drive Encryption"
  5. Select "Enable BitLocker"
  6. When "Please specify a backup method for your recovery key" is displayed, select a storage method.
  7. If you select an option other than printing, select a storage location.
  8. Select "Activate BitLocker"

How to encrypt external storage devices such as USB memory with BitLocker

The method to encrypt external storage devices such as USB memory with BitLocker is as follows.

[How to encrypt external storage devices such as USB memory with BitLocker]

  1. Start Windows 10
  2. Log in with an account with administrator privileges
  3. Start Explorer
  4. Right-click the relevant drive (in this case, external storage device such as USB memory)
    (Let's set up an external storage device)
  5. Select "Enable BitLocker"
  6. When "Please specify a backup method for your recovery key" is displayed, select a storage method.
  7. If you select an option other than printing, select a storage location.
  8. When "Select the range to encrypt the drive" is displayed, select "Encrypt the entire drive" for the PC you are using.
  9. Select "Next"
  10. When prompted to "Select the encryption mode to use," select "New encryption mode."
  11. Select "Next"
  12. When the message "Are you ready to encrypt this drive?" appears, select "Start encryption"
  13. When "Encryption of [drive name] is complete." is displayed, select "Close"

If you cannot configure BitLocker

If you are unable to configure BitLocker, please check the following points.

  • Check your Windows edition
  • "This computer does not support entering the BitLocker recovery password at startup."
  • If TPM is not enabled

Check your Windows edition

On Windows, the BitLocker encrypted disk conversion feature is available only on Pro, Enterprise, and Education.

In other words, BitLocker is not available in lower editions of Windows, except for some features. (Windows home etc.)

Therefore, if you are unable to set up BitLocker, check your Windows edition.

[How to check the edition of Windows]

  1. Press "Windows" key + "R" key
  2. Enter "winver" in the "Run" section
  3. Select the displayed "winver"
  4. Check the edition from the displayed window

"This computer does not support entering the BitLocker recovery password at startup."

When you try to configure BitLocker, you may receive the message "This computer does not support entering a BitLocker recovery password at startup."

In this case, editing using the Group Policy Editor is required.

[Edit Group Policy Editor]

  1. Type "gpedit" in the search box on the Windows taskbar
  2. Select "Edit Group Policy"
  3. Select "Computer Configuration"
  4. Select "Administrator Template"
  5. Select "Windows Components"
  6. Select "BitLocker encryption"
  7. Select "Operating System Drive"
  8. Select "Use BitLocker authentication with pre-keyboard input on Slate"
  9. Select "Enabled"
  10. Select "OK"

If TPM is not enabled

If you are unable to configure BitLocker, TPM may not be enabled.

TPM is an IC chip that performs encryption processing, etc.

In order to encrypt HDD etc. with BitLocker, TPM is basically required. Therefore, if your PC does not have a TPM or is disabled, you may not be able to configure BitLocker.

To enable TPM, please configure the BIOS according to the following steps.
How to enable TPM on Asrock motherboardYou can check it here.

[How to enable TPM from BIOS]

  1. When you start up your PC, the manufacturer logo will be displayed, so press the BIOS startup key during that time (the startup key differs depending on the manufacturer)
  2. Once the BIOS boots, open the security settings
  3. Find TPM options
  4. Highlight "TPM2.0/1.2" on the left
  5. Select the “TPM” box on the right to turn it on
  6. Select option to enable TPM
  7. Save changes and close BIOS

What to do if "Disable BitLocker" is not displayed

If "Disable BitLocker" is not displayed, your PC may not have BitLocker installed in the first place.

However, as mentioned above, there may be cases where a recovery key is requested even though PCBitLocker is not installed. This behavior may be a function of device encryption rather than BitLocker.

Therefore, please check whether "Device Encryption" is turned on. And if necessary, turning this off may solve the problem.

[How to disable device encryption]

  1. Select "Start (Windows mark)"
  2. Select "Settings (gear mark)"
  3. Select "System"
  4. Select “Version Information” on the “System” screen
  5. Select “Turn Off” under “Device Encryption”
  6. Select “Turn off” in the “Disable device encryption” window

Encryption software that can be used with Windows 10 home

BitLocker is only available in Pro, Enterprise, and Education editions of Windows 10. Therefore, it cannot be used with Windows 10 home edition.

On the other hand, the encryption software that can be used with Windows 10 home includes the following.

  • VeraCrypt
  • TrueCrypt
  • attaché case

Encrypt with VeraCrypt

VeraCryptis one of the free disk encryption tools.
This is software derived from TrueCrypt below.

It seems that the problems with TrueCrypt have been improved and the security is stronger than TrueCrypt.

In December 2021, version 1.25.4 was released for the first time in a year.
It is compatible with not only Windows, but also Mac and Linux. However, please note that the new version no longer supports Windows Vista, 7, and 8.

[How to encrypt with VeraCrypt]

  1. Get VeraCrypt from the link above
  2. Start VeraCrypt
  3. Select "Create Volume"
  4. Check "Create encrypted file container"
  5. Select "Next"
  6. Select "VeraCrypt standard volume"
  7. Select "Next"
  8. Select "Volume position"
  9. Select "Next"
  10. Leave “Encryption Options” as is and select “Next”
  11. Set the required capacity in "Volume size"
  12. Set "Volume Password"
  13. In the "Volume Format" setting, if you are only using Windows, set the file system to "NTFS".
  14. Once the encryption key processing is complete, select "Format"
  15. Return to VeraCrypt top screen
  16. Select drive volume
  17. Select the virtual disk drive file you just created from "Select File"
  18. Select "Mount"
  19. Enter the password you set earlier
  20. After mounting is complete, check if the new drive has been added to Explorer.

Encrypt with TrueCrypt

TrueCryptLike VeraCrypt mentioned above, is a disk encryption tool.
Since VeraCrypt is a derivative of TrueCrypt, it can be said that this TrueCrypt is the origin.

However, development of TrueCrypt ended around 2014, and there have been reports that vulnerabilities have been confirmed since then.

There seems to be no problem in normal use, but if you have any concerns, you may have the option of using other software.

[How to encrypt with TrueCrypt]

  1. Get TrueCrypt from the link above
  2. Start TrueCrypt
  3. Select “Create Volume”
  4. Start "Volume Creation Wizard"
  5. Select "Create an encrypted file container"
  6. Select "Standard TrueCrypt volume"
  7. Select "AES"
  8. After creating the volume, select "volume"
  9. Select "Select file"
  10. Select the volume you created and the drive you want to mount
  11. Select "Mount"
  12. Enter the password you created

Encrypt with attache case

attaché caseis a tool to protect files, folders, etc.

The feature is that data can be easily encrypted by drag and drop.
It can also be used when you want to exchange data securely.

In addition to encryption, data compression is also possible.

[How to encrypt with attache case]

  1. Get the attaché case from the link above.
  2. Launch attache case
  3. Drag and drop the files and folders you want to encrypt into the attache case.
  4. Set password
    (If you check "Executable output", it will be possible to decrypt it even from a PC that does not have Attaché Case installed.)
  5. To decrypt, drag and drop the relevant file/folder into the attache case (or double-click on the encrypted data)
  6. Enter password

Summary of how to set up Bitlocker on Windows 10 and solutions if you cannot set it up

This time, we explained how to set up BitLocker on Windows 10 and what to do if you cannot set it up.

First of all, keep in mind that BitLocker is not available depending on the edition of Windows. If BitLocker is not available, you can also use VeraCrypt or TrueCrypt to encrypt your disk.

In addition, if you only need to be able to encrypt data rather than the system drive, Attaché Case etc. may be useful.

Additionally, passwords are often required to encrypt drives and data, so be careful when storing them.

Be the first to comment

Required

This site uses Akismet to reduce spam. Learn how your comment data is processed.

en_USEnglish
jaJapanese en_USEnglish