Windows 11 Windows 10 More...Less
Device encryptionhelps protect your dataand it'savailable on a wide range of Windows devices.
Normally when you access your data it's through Windows and has the usual protections associated with signing into Windows. If somebody wants to bypass those Windows protections, however, they could open the computer case and remove the physical hard drive. Then by adding your hard drive as a second drive on a machine they control, they may be able to access your data without needing your credentials.
If your drive is encrypted, however, when they try to use that method to access the drive, they'll have to provide the decryption key (which they shouldn't have) in order to access anything on the drive. Without the decryption key the data on the drive will just look like gibberish to them.
Having trouble playing the video? Watch it on YouTube.
Is BitLocker asking for your recovery key? SeeFind your BitLocker recovery key.
Is it available on my device?
BitLocker encryption is available on supported devices running Windows 10 or 11 Pro, Enterprise, or Education.
On supported devices running Windows 10 or newer BitLocker will automatically be turned on the first time you sign into a personal Microsoft account (such as @outlook.com or @hotmail.com) or your work or school account.
BitLocker is not automatically turned on with local accounts, however you can manually turn it on in the Manage BitLocker tool.
To manage BitLocker encryption
Tap Startand in the search box, type Manage BitLocker and then select it from the list of results.
Note:You'll only see this option if BitLocker is available for your device. Itisn't available on Windows Home edition.
If you have BitLocker turned on for your device, it's important to be sure you have the Recovery Key backed up somewhere. If BitLocker thinks an unauthorized user is trying to access the drive it will lock the system and ask for the BitLocker recovery key. If you don't have that key, you won't be able to access the drive, and Microsoft support doesn't have access to the recovery keys either so they can't provide it to you, or create a new one,if it's been lost.
It only takes a few moments to back up your recovery key. For more info seeBack up your BitLocker recovery key.
Ifyour device doesn't support BitLocker, you may be able to use Windows Device Encryption instead.
To see if you can use Windows device encryption
-
In the search box on the taskbar, type System Information, right-click System Informationin the list of results, then selectRun as administrator. Or you can select theStartbutton, and then under Windows Administrative Tools, select System Information.
-
At the bottom of the System Information window, findDevice Encryption Support. If the value says Meets prerequisites, then device encryption is available on your device.
To turn on Windows device encryption
-
Sign in to Windows with an administrator account (you may have to sign out and back in to switch accounts). For more info, seeCreate a local or administrator account in Windows 10.
-
Select theStart button, then selectSettings > Update & Security > Device encryption. If Device encryption doesn't appear, it isn't available.
-
If device encryption is turned off, select Turn on.
Additional resources
Need more help?
Want more options?
Discover Community
Explore subscription benefits, browse training courses, learn how to secure your device, and more.
Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.
I'm a cybersecurity enthusiast with a profound understanding of encryption technologies, particularly those integrated into Microsoft Windows operating systems. My expertise extends to BitLocker and Windows Device Encryption, both crucial components for securing sensitive data on Windows devices.
Let's delve into the key concepts discussed in the provided article:
-
Device Encryption and Data Protection:
- The article emphasizes the importance of device encryption in safeguarding data on Windows devices. Encryption helps protect data from unauthorized access, especially when traditional security measures, such as Windows sign-in credentials, are bypassed.
-
Vulnerability Without Encryption:
- The article highlights a potential vulnerability where someone could physically access a computer, remove the hard drive, and attempt to retrieve data by connecting it to another machine. This method allows them to bypass the Windows login protections.
-
BitLocker Encryption:
- BitLocker is a specific encryption feature discussed in the article. It's available on Windows 10 or 11 Pro, Enterprise, or Education editions. When BitLocker is enabled, it encrypts the entire hard drive, and access to the data requires a decryption key.
-
Initiating BitLocker:
- BitLocker is automatically turned on for supported devices running Windows 10 or newer when signing into a personal Microsoft account or a work/school account. However, it's not enabled by default for local accounts. Users can manually activate BitLocker using the "Manage BitLocker" tool.
-
Recovery Key:
- The article stresses the importance of backing up the BitLocker recovery key. If BitLocker detects an unauthorized attempt to access the drive, it may lock the system and request the recovery key. Without this key, users risk losing access to their data.
-
Windows Device Encryption:
- For devices that do not support BitLocker, Windows Device Encryption is an alternative. Users can check if their device supports it by looking for "Device Encryption Support" in the System Information. If supported, they can enable it through the Settings menu.
-
Enabling Windows Device Encryption:
- To activate Windows Device Encryption, users need to sign in with an administrator account, navigate to Settings > Update & Security > Device encryption, and turn it on if it's not already enabled.
-
Additional Resources:
- The article provides additional resources, such as guidelines for backing up the BitLocker recovery key and finding it in Windows. It also mentions that Windows Home edition does not support BitLocker.
In conclusion, the article provides comprehensive information on securing Windows devices through encryption, specifically highlighting the features and processes associated with BitLocker and Windows Device Encryption. Users are encouraged to understand and utilize these security measures to protect their data effectively.
