Double-click on Require additional authentication at startup. In the Local Group Policy Editor, go to Computer Configuration / Administrative Templates / Windows Components / BitLocker Drive Encryption / Operating System Drives. Open the Run window by pressing the Windows + R shortcut, type the command gpedit.msc and press Enter. Open the Local Group Policy Editor and change some settings. To enable drive encryption without a TPM chip, you need to have administrator’s rights. This way, intruders can’t just steal the hard disk from your PC or create an image of the encrypted disk and then decrypt it on another computer. The TPM chip will only give you the encryption key only after checking the computer’s condition. BitLocker can save the encryption key to the TPM, which is much safer than keeping it elsewhere on your hard disk. TPM is actually a microchip integrated into the computer’s motherboard. Users who have no password won’t be able to access files stored in such media.īy default, encryption with BitLocker requires a TPM module to be available on your PC, to ensure security of the system drive. You’ll be suggested to enter a password to unlock the media when you connect it to the computer. You will have to enter a password when you address such disk for the first time.įor removable devices: External media, such as USB drives and external hard disks, can be encrypted with BitLocker To Go. You can also encrypt other disks in your computer as well – it is available not only the disk with the operating system. The encryption / decryption process is on-the-go, and you can work with the computer in the same way as before encryption was enabled. After that, BitLocker decrypts the disk and starts Windows. When the computer is turned on, the loader starts Windows from the System Reserved partition and suggests choosing a method to unlock – for example, using a password. It allows encrypting any built-in non-removable disks, system or not.
There are two encryption types available: However, dynamic disks cannot be encrypted with BitLocker.
Click on the option “Turn on BitLocker” next to the system drive, any logical disk or removable disk to enable encryption.
0 kommentar(er)
