How to Encrypt Hard Drive on Windows 11 with BitLocker

Encrypting a hard drive is a good way to protect its contents from unauthorized access. It encodes the hard drive’s contents using an encryption algorithm. 

This way, hackers or other random people can’t get access to your hard drive’s contents in any way unless they get the encryption key as well.

Windows allows two built-in methods to encrypt your internal as well as external drives— BitLocker and Device Encryption.

However, these methods depend on the Trusted Platform Module (TPM) hardware. Without TPM, you have to use third-party apps for the encryption.

Note: If you wish to use BitLocker or Device Encryption, enter your motherboard’s BIOS/UEFI and make sure that TPM is enabled.

How to Encrypt Hard Drive on Windows

Using BitLocker

The traditional and the most popular way of encrypting your hard drive is through the built-in feature, BitLocker. You can load this program through the Control Panel or Windows Settings.

Note: BitLocker is not available in Windows Home editions. For such OS, upgrade to a pro version or use other methods instead.

Log into an administrator account on Windows.

Press Windows + I 

  1. Open Settings.
  2. Click on System.
  3. Click the Storage page on the right side.
Storage settings
  1. Under the “Storage management” section, click on Advanced storage settings.
  2. Click on Disks & volumes.
Open Disks & volumes
  1. Select the drive with the partition to encrypt.
  2. Select the partition to enable encryption and click the Properties button.
Open drive properties
  1. Click the “Turn on BitLocker” option.
Settings turn on BitLocker
  1. Click the “Turn on BitLocker” option again.
Control Panel enable BitLocker
(Image credit: Future)
  1. Select the option to back up the recovery key — for example, Save to your Microsoft account.
  • Quick note: You can always find the recovery key on your Microsoft account. Also, the option to save online is only available when the account is connected to a Microsoft account.
Save to your Microsoft account
  1. Click the Next button.
  2. Select the “Encrypt used disk space only” option.
Encrypt used disk space only
  1. Click the Next button.
  2. Select the “New encryption mode” option.
New encryption mode
  1. Check the “Run BitLocker system check” option.
Run BitLocker system check
  1. Click the Restart now button (if applicable).

Once you complete the steps, the system will begin encrypting the data on the drive.

Note: You can also right-click on the drives inside your File Explorer and select Turn on Bitlocker or Show more options Turn on BitLocker to initiate the process.

Using Device Encryption

turn-on-device-encryption-1024x576

You can also use Device Encryption in some computers to encrypt your hard drives. It also uses the TPM like the BitLocker. But while BitLocker allows you to choose which drive to encrypt, this feature encrypts all connected drives.

Apart from the TPM, Device Encryption also has some more prerequisites:

  • Your PC should support UEFI firmware.
  • Your firmware should support modern standby (S0 state). (You can check by running powercfg /a on Run)

If your computer supports Device Encryption,

  1. Log in to a Microsoft account with admin privileges. If you don’t have such an account, create it or change to one.
  2. Open Windows Settings by pressing the Windows key + I.
  3. Go to Privacy & security Device Encryption or Update & Security > Device Encryption.
  4. Click on Turn on and wait until the process completes.
Note: If you can’t find the options, your system hasn’t met all the necessary requirements. Check System Summary Device Encryption Support on System Information (msinfo32 on Run) to see why automatic device encryption failed.

Using Third-Party Software

You can also use other third-party encryption software to encrypt and protect your drives.

Most of these programs don’t use the TPM, so there’s no hardware limitation. Many open-source and free apps like VeraCrypt, AxCrypt, DiskCryptor, etc., are also available for this purpose.

If you want to encrypt your external hard drives, you may even find an OEM encryption application.

In summary, Windows 11 Home users can use Device Encryption for internal drives but need third-party software for external drives. Windows 11 Pro/Enterprise users have more options with BitLocker for both internal and external drive encryption.

Mohamed SAKHRI
Mohamed SAKHRI

I'm the creator and editor-in-chief of Tech To Geek. Through this little blog, I share with you my passion for technology. I specialize in various operating systems such as Windows, Linux, macOS, and Android, focusing on providing practical and valuable guides.

Articles: 1751

Newsletter Updates

Enter your email address below and subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are marked *