Hard drive encryption is the simplest and fastest way to increase security. It is great that Windows has a built-in drive encryption program, called BitLocker. This utility is available for Windows 10 Pro, Enterprise and Education users.
Drive encryption sounds scary because if you lose your password, your drive will be locked forever. On the contrary, the security it provides you is almost unrivaled. Here's how you can encrypt a hard drive with BitLocker on Windows 10 .
BitLocker is a full disk encryption tool, available in Windows 10 Pro, Enterprise, Education. You can use BitLocker to encrypt a volume drive (which may be part or the whole drive).
BitLocker provides strong encryption for regular Windows 10 users. By default, BitLocker uses strong AES 128-bit (or AES-128) encryption. Currently, there is no method to break it. A research team tried to hack into this AES encryption algorithm but it might take millions of years to crack the key. That's why people call AES "military grade encryption."
Therefore, BitLocker uses AES-128 to provide the highest "security barrier" for all users. In addition, you can also use BitLocker with 256-bit higher encryption to crack the drive code almost impossible. This article will guide you how to transfer BitLocker to AES-256 environment.
Basically, BitLocker has 3 different encryption methods:
Not sure if your system has a TPM module? Press the Windows+ key R, then type tpm.msc . If you see information about TPM on your system, it is already installed. If you see the message "Compatible TPM cannot be found," your system does not have the TPM module installed.
No problem if you don't already have it. You can still use BitLocker without the TPM module. Here are more detailed instructions.
The first thing you need to do is check if BitLocker is enabled on the system or not.
Type gpedit in the Start Menu search bar and select Best Match. The Group Policy Editor will open.
Go to Computer Configuration> Administrative Templates> Windows Components> BitLocker Drive Encryption> Operating System Drives .
Select Require additional authentication at startup after Enabled .
If the system does not have a compatible TPM module, check the Allow BitLocker box without a compatible TPM .
First, type bitlocker in the search bar on the Start Menu, then select Best Match.
Select the drive you want BitLocker encrypted> select Turn BitLocker On .
Now you have to choose how you want to encrypt this drive. Here, you have two options:
Check the first option to use a drive unlock password.
This is an extremely interesting part: choose a strong password that is suitable and easy to remember for you. As suggested by BitLocker, the password should contain uppercase & lowercase letters, numbers, spaces and symbols. You can refer to How to create a strong strong password on download.vn .
Once you've created the appropriate password, enter it, then type it again to confirm it.
The next page contains options for generating a BitLocker recovery key. The key must be "unique, unique" and this is the only way you can make a secure copy of the data. You have 4 options. The article select Save to File , then click on the location to save easily. Finally, click Next .
This step, you need to choose the number of drives you want to encrypt. BitLocker recommends encrypting the entire drive if you use it to ensure the safety of all available data, including information that has been deleted but not yet moved from the drive. On the other hand, if you encrypt a new drive or computer, you only need to encrypt the part currently used by BitLocker to automatically encrypt the new data when added.
Finally, choose the encryption mode. Windows 10 version 1511 introduces a new drive encryption mode, called XTS-AES. It provides integrity preservation support. However, XTS-AES is not compatible with older versions of Windows. If the drive encrypted with BitLocker is still on the system, you can choose the new XTS-AES mode.
Conversely, if you plan to connect the drive to another computer, select Compatible mode .
As a final step, it's time to use BitLocker to encrypt the drive. Select Start encrypting and wait for the process to complete. This may take a while depending on the amount of data you have.
When rebooting the system or accessing an encrypted drive, BitLocker will prompt you for a password.
Instead of 128-bit AES, you can use stronger 256-bit AES encryption for BitLocker. Although 128-bit AES never seems to be defeated, you can always power it up if you want.
The main reason to use AES-256 instead of AES-128 is to counteract the rise of quantum computing in the future. This method can break the existing standard encryption more easily than hardware.
Open Group Policy Editor, go to Computer Configuration> Administrative Templates> Windows Components> BitLocker Drive Encryption .
Select Choose drive encryption method and cipher strength > check Enabled , and then click XTS-AES 256-bit in the drop down dialog box. Click Apply . It's done.
Now you know how to encrypt a Windows 10 drive with BitLocker. Using this method, you do not need to install a third application on your computer. Hope the article is helpful to you.
Tired of annoying Microsoft Edge microphone background noise ruining your calls? Discover step-by-step solutions to solve Microsoft Edge microphone background noise for flawless video conferences and recordings in Edge.
Tired of Microsoft Edge extensions crashing? This step-by-step 2026 guide delivers quick, proven fixes to restore stability. Update, reset, and troubleshoot like a pro—no tech skills needed!
Stuck with Microsoft Edge Error 404 Page Not Found? Follow our proven step-by-step troubleshooting guide to fix it fast, clear cache, reset settings, and browse without interruptions. Get back online now!
Struggling with Microsoft Edge HTTP Error 500? Discover step-by-step fixes for Internal Server Problems, from cache clearing to advanced troubleshooting. Get back online fast!
Struggling with Microsoft Edge "DirectX Runtime" compatibility errors? Discover step-by-step fixes to resolve crashes, video glitches, and performance issues in Edge. Get back to smooth browsing today!
Struggling with ERR_SSL_PROTOCOL_ERROR in Microsoft Edge? Discover step-by-step fixes for SSL protocol errors, from clearing cache to advanced resets. Get back online fast with our ultimate guide.
Tired of Microsoft Edge "Script Error" ruining your prints? Follow our proven, step-by-step guide to fix it quickly—no tech expertise required. Works on the latest Edge versions for seamless printing.
Master how to disable Microsoft Edge WebView2 Runtime permanently and reclaim your PC resources for epic gaming. Step-by-step methods to stop background drain, boost FPS, and keep it gone forever – perfect for gamers!
Struggling with Microsoft Edge "Too Many Redirects" error? Discover step-by-step fixes to resolve ERR_TOO_MANY_REDIRECTS instantly. Clear cache, reset settings, and more for smooth browsing. Updated for latest Edge versions.
Tired of YouTube lag and stutter in Microsoft Edge? Get instant fixes for smooth playback in 2026. Step-by-step guide to resolve Microsoft Edge YouTube lag, clear cache, disable hardware acceleration, and more for seamless streaming.
