What is BitLocker?
BitLocker is an inbuilt device into Windows that enables you to encrypt a whole hard drive for propel security. We will perceive how to set it up in this article further. BitLocker has been around in Windows sufficiently long to be viewed as develop, and is an encryption product for the most part all around respected by security experts.
There are 2 bitlocker versions available and we will discuss more on this later. Both of them require a Professional or Enterprise edition of Windows 8 or 10, or the Ultimate edition of Windows 7. In any case, beginning with Windows 8.1, the Home and Pro versions of Windows incorporate a “Device Encryption” feature (a highlight likewise incorporated into Windows 10) that works comparably.
Encrypt an Entire Drive or Create an Encrypted Container(Removable Disk)
Many aides out there discuss making a BitLocker compartment that works much like the sort of encrypted holder you can make with items like TrueCrypt or Veracrypt. It’s somewhat of a misnomer, however you can accomplish a comparative impact. BitLocker works by encrypting whole drives. That could be your framework drive, an alternate physical drive, or a virtual hard drive (VHD) that exists as a document and is mounted in Windows.
The distinction is generally semantic. In other encryption items, you for the most part make an encrypted holder, and after that mount it as a drive in Windows when you have to utilize it. With BitLocker, you make a virtual hard drive, and afterward encrypt it. On the off chance that you’d jump at the chance to utilize a holder as opposed to, say, encrypt your current framework or capacity drive, look at our guide to making an encrypted compartment record with BitLocker. For this article, we will focus on empowering BitLocker for a current physical drive.
Must Read : Stay safe from KEYLOGGERS
How to Encrypt a Drive with BitLocker
To utilize BitLocker for a drive, all you truly need to do is enable it, pick a password or PIN. A BitLocker’s full-circle encryption on a system drive generally requires a computer with a Trusted Platform Module (TPM) on your PC’s motherboard. This chip produces and store the encryption keys that BitLocker employments. On the off chance that your PC doesn’t have a TPM, you can use Group Policy to enable utilizing BitLocker without a TPM. It’s somewhat less secure, yet at the same time more secure than not utilizing encryption by any means. You can encrypt a non-system drive or removable drive without TPM and without enabling the Group Policy setting.
Types of BitLockers
- BitLocker Drive Encryption: BitLocker is a “full-circle encryption” highlight that encrypts a whole drive. At the point when your PC boots, the Windows boot loader loads from the System Reserved partition, and the boot loader prompts you for your open strategy—for instance, a password. BitLocker at that point unscrambles the drive and loads Windows. The encryption is generally straightforward records seem like they typically would on an unencrypted system, however they’re put away on the circle in an encrypted frame. You can likewise encrypt different drives than simply the system drive.
- BitLocker To Go: You can encrypt outside drives, for example, USB streak drives and outer hard drives with BitLocker To Go. You’ll be incited for your open technique—for instance, a password—when you associate the drive to your computer. On the off chance that somebody doesn’t have the open technique, they can’t get to the documents on the drive.
In Windows 7 through 10, you truly don’t need to stress over making the determination yourself. Windows handles things in the background, and the interface you’ll use to enable BitLocker doesn’t look any changed. In the event that you wind up opening an encrypted drive on Windows XP or Vista, you’ll see the BitLocker to Go marking, so we figured you ought to at any rate think about it. Along these lines, with that off the beaten path, we should go over how this really functions.
Step #1 : How to Enable BitLocker for a Drive
The easy approach to enable BitLocker for a drive is to right-click the drive in a File Explorer window, and after that pick the “Turn on BitLocker” charge. On the off chance that you don’t see this alternative on your setting menu, at that point you likely don’t have a Pro or Enterprise version of Windows and you’ll have to look for another encryption solution. It’s simply that basic. The wizard that flies up strolls you through choosing a few alternatives, which we’ve separated into the areas that take after.
Step #2 : Choose an Unlock Method
The initial screen you’ll find in the “BitLocker Drive Encryption” wizard gives you a chance to pick how to open your drive. You can choose a few distinctive methods for opening the drive.
In case you’re encrypting your system drive on a computer that doesn’t have a TPM, you can open the drive with a password or a USB drive that works as a key. Select your open technique and take after the guidelines for that strategy (enter a password or module your USB drive).
On the off chance that your computer does have a TPM, you’ll see extra choices for opening your system drive. For instance, you can design programmed opening at startup (where your computer gets the encryption keys from the TPM and consequently decrypt the drive). You could also use a PIN instead of a password, or even pick biometric alternatives like a fingerprint.
Must Read: Secure Google account
In case you’re encrypting a non-system drive or removable drive, you’ll see just two choices (regardless of whether you have a TPM or not). You can open the drive with a password or a smartcard (or both).
Step #3 : Back Up Your Recovery Key
A recovery key is provided to access your encrypted drive or files in case you have lost your main key. For example, if you forget your password or if the PC with TPM dies and you have to access the drive from another system.
You can save the key to your Microsoft account, a USB drive, a file, or even print it. These options are the same whether you’re encrypting a system or non-system drive. If you back up the recovery key to your Microsoft account, you can access the key later from here. If you use another recovery method, be sure to keep this key safe—if someone gains access to it, they could decrypt your drive and bypass encryption.
You can likewise move down your recovery key various ways in the event that you need. Simply click every choice you need to use thus, and after that take after the headings. When you’re finished sparing your recovery keys, click “Next” to proceed onward.
If you’re encrypting a USB or other removable drive, you won’t have the choice of sparing your recovery key to a USB drive. You can utilize any of the other three choices.
Step # 4 : Encrypt and lock the Drive
BitLocker naturally encrypts new records as you include them, yet you should pick what occurs with the documents right now on your drive. You can encrypt the whole drive—including the free space—or simply encrypt the utilized circle records to accelerate the procedure. These choices are likewise the same whether you’re encrypting a system or non-system drive.
In case you’re setting up BitLocker on another PC, encrypt the utilized plate space just—it’s substantially speedier. In case you’re setting BitLocker up on a PC you’ve been utilizing for some time, you ought to encrypt the whole drive to guarantee nobody can recover erased documents. When you’ve influenced your choice, to click the “Next” button.
Whichever alternative you pick (and once more, these are the same for system and non-system drives), simply ahead and click the “Next” catch when you’re set, and on the following screen, click the “Start Encrypting” button.
Step # 5 : Final Step
The encryption procedure can take anyplace from seconds to minutes or considerably more, contingent upon the measure of the drive, the measure of information you’re encrypting, and whether you encrypted free space.
In case you’re encrypting your system drive, you’ll be incited to run a BitLocker system check and restart your system. Ensure the alternative is chosen, click the “Proceed with” button, and after that restart your PC when asked. After the PC boots move down out of the blue, Windows encrypts the drive.
In case you’re encrypting a non-system or removable drive, Windows does not have to restart and encryption starts instantly. Whatever sort of drive you’re encrypting, you can check the BitLocker Drive Encryption symbol in the system plate to see its improvement, and you can keep utilizing your computer while drives are being encrypted—it will simply perform all the more gradually.
Must Read: Secure from RANSOMWARE
How to Unlock Your Drive
On the off chance that your system drive is encrypted, opening it relies upon the strategy you picked (and whether your PC has a TPM). In the event that you do have a TPM and chosen to have the drive opened consequently, you won’t see anything unique—you’ll simply boot straight into Windows like dependably. On the off chance that you picked another open strategy, Windows prompts you to open the drive (by writing your password, interfacing your USB drive, or whatever).
What’s more, in the event that you’ve lost (or overlooked) your unlock technique, press Escape on the provoke screen to enter your recovery key. In the event that you’ve encrypted a non-system or removable drive, Windows prompts you to open the drive when you first access it in the wake of beginning Windows (or when you associate it to your PC if it’s a removable drive). Sort your password or embed your shrewd card, and the drive ought to open so you can utilize it.
In File Explorer, encrypted drives show a gold lock on the icon. That lock changes to gray and appears unlocked when you unlock the drive.
You can mange a locked drive—change the password, turn off BitLocker, back up your recovery key, or perform different activities—from the BitLocker control board window. Right-click any encrypted drive, and after that select “Manage BitLocker” to go specifically to that page.
Decrypting a Drive
If you wish to decrypt your encrypted bitlocker drive then follow the below steps.
Right Click on encrypted drive and click on Manage BitLocker
Then from the below options click on Turn off BitLocker
Click Turn Off BitLocker at the prompt
The BitLocker applet should then indicate that the drive is decrypting. This process could take several hours but the computer will still be usable during this time.
Like all encryption, BitLocker adds some overhead. If encryption is critical to you since you have delicate information for instance, a workstation loaded with business records—the upgraded security is certainly justified regardless of the execution exchange off.