Bitlocker Drive Encryption is one of the most popular encryption solutions for Windows users. In Windows Vista and Windows 7 it is made available only in the more expensive editions, which means it is used by a smaller number of people. However, in Windows 8 it will be used a lot more, simply because it is also made available in the more affordable Pro version. In this guide, I would like to show the basics of encrypting your system partition with BitLocker whether you have a TPM chip in your computer or not.
NOTE: Bitlocker Drive Encryption is available in the Enterprise and Ultimate editions of Windows Vista and Windows 7. It also is available in the Pro and Enterprise editions of Windows 8.
Launching the BitLocker Drive Encryption Panel
Both in Windows 7 and Windows 8, BitLocker is found in the Control Panel. Launch it and go to System and Security -> Bitlocker Drive Encryption.
This is how the BitLocker panel looks in Windows 7. For each drive you see its drive letter, label and the status of BitLocker: On or Off.
The BitLocker panel in Windows 8 is better organized and generally looks better. Also the drives are split into categories, according to their type.
How to Encrypt Your System Partition in Windows 8
Click or tap on the ”Turn on BitLocker” button next to the drive you want to encrypt. This opens the BitLocker Drive Encryption wizard. You are asked to enter a password that will be required each time you boot your computer. Without it, you won’t be able to access the partition that is encrypted or boot to Windows 8. Therefore, make sure you remember this password and you choose something that is not easily guessable by others.
Once you are done typing the password, press Next.
Now you are asked where you want to back up the recovery key. This key is used only when you have problems accessing the encrypted drive. Choose the option you prefer and then press Next.
You are asked how much of your drive you want to encrypt. If you have a newer computer with a fresh installation of Windows 8, it is best to choose the first option. If your computer has been used for a while, it is best to encrypt the whole drive. The second option will make the encryption process take longer though. Pick the option that works best for you and press Next.
Leave the ”Run BitLocker system check” box checked and press Continue.
You are then informed that the encryption will be completed after a restart. Reboot your computer, enter the password you have set earlier and log in to Windows 8.
The progress of the encryption process is shown on the Desktop, in the notification area.
If you click or tap the notification, a progress window is displayed.
You can continue to use the computer while the encryption is performed in the background. When the process is over you will be informed.
IMPORTANT: Another enhancement in Windows 8 is that the encryption process is the same, even if you use a TPM chip or not. There are very minor differences. That’s not true about Windows 7 which, in case you don’t use a TPM chip, forces you to use at all times a USB memory stick where your BitLocker startup key is stored. Without it plugged in, you won’t be able to access the encrypted partition.
How to Encrypt Your System Partition in Windows 7
If you are using a TPM chip with Windows 7, then than encryption process is very similar to the instructions shown for Windows 8.
If you followed this tutorial on a computer without a TPM chip, to enable BitLocker encryption, then you will go through some additional steps.
When you start the BitLocker Drive Encryption wizard, you are first required to store a Startup key and have it used at every startup.
You can store it on a USB memory device, like a memory stick. Select the device and press Save.
Then you are asked to save the recovery key. Unlike Windows 8, Windows 7 doesn’t allow you to save it in your Microsoft account (on SkyDrive). The other options available are the same.
Once your computer is restarted in order to start the encryption process, you won’t be asked for the BitLocker password/startup key like in Windows 8. You will have to plug in the USB drive where it stored. Without it, you won’t be able to access the partition that was encrypted.
If you have a TPM chip on your computer, it is easy to encrypt any partition on your system, both in Windows 7 and Windows 8. If you don’t, then the process is more complex and accessing the encrypted partition is more of a hassle in Windows 7. Luckily, Microsoft has improved the experience considerable in Windows 8 and made it easier for everyone to use this feature.