Encryption in Windows is the process of encoding or transforming messages or information to a form that is difficult to understand or decode by hackers, but the authorized parties can. The BitLocker Drive Encryption is necessary to protect all files and folders stored on the Operating System Drive, or fixed data drives or removable data drives like external hard drives or USB flash drives from any kind of data theft and maintain privacy of all valuable data stored on your system. Here is the tutorial how to enable or disable the BitLocker Drive Encryption in Windows 7 OS.
BitLocker encrypts or encodes the entire drive or volume. The system files that are essential for Windows startup and logon are also encrypted. The authorized owner, be it you, then you can log on and work with your files normally, but BitLocker blocks the unauthorized access of your system files from the hackers.
When you create a new file and store it on your system drive and if that drive is encrypted with BitLocker, then the newly added files are encrypted automatically. When you share those encrypted files on the network then also you don’t run a risk of data theft as they can be accessed only by the authorized users.
Before moving to BitLocker Drive Encryption, there are some hardware requirements that must meet the system. The requirements vary according to the type of drive been selected for encrypting. To encrypt the OS drive that sis the drive on which Windows is installed, BitLocker stores its own encryption and decryption key in a hardware device that is separate from your hard disk that may be either Trusted Platform Module (TPM) or a removable USB Flash Drive.
To enable BitLocker Drive Encryption on the operating system drive, your system’s hard disk must have at least two partitions. First partition will include the drive on which Windows is installed with a minimum space of 400 MB. This particular drive will be encrypted by BitLocker. The other partition is the active partition that remains unencrypted to help computer at start up. If your computer does not have two partitions, then it will be created by BitLocker.
BitLocker can be used to encrypt both fixed data drives and removable data drives that is both the internal and external removable hard drives and USB flash drives. To start encryption, a data drive must be formatted using either the exFAT, FAT16, FAT32, or NTFS file system and must be at least 128 MB.
Follow the Steps given below to Enable BitLocker
- Go to Start Orb and click to open Control Panel option
- Next click the System and Security link from the control panel window
- Upon opening of the System and Security section of Control Panel, you can see the direct link for the BitLocker Drive Encryption
- Click on the BitLocker Drive Encryption and a new window pop-ups
- The BitLocker Drive Encryption is by default disabled or turned Off for the Hard Disk Drive
- Click to Turn On BitLocker.
- This will open the BitLocker setup wizard. Follow the prompts or instruction in the wizard to complete the encryption process. On prompted by UAC for administrator password or confirmation, give the password or provide confirmation.
- To Disable the BitLocker, click Turn Off BitLocker which will open the BitLocker Drive Encryption dialog box. On prompted by UAC for administrator password or confirmation, give the password or provide confirmation.
In order to decrypt the drive, click on Decrypt the volume and click Suspend BitLocker Drive Encryption To temporarily suspend BitLocker.
If your system doesn’t meet the hardware requirement nor has non-compatible Trusted Platform Module (TPM) security device on your computer, then the encryption process is restricted.
In that case, the alternate way to encrypt drive is given below.
- Go to Start menu and type gpedit.msc in the search box to open group policy editor
- Navigate to Computer Configuration > Administrative Templates > Windows Components > BitLocker Drive Encryption > Operating System Drives
- To the right of the window, double-click on Require additional authentication at startup.
- A new window appears, select Enabled and Make sure Allow BitLocker without a compatible TPM is checked on, and then click OK
Now open My Computer window and right-click on drive you want to encrypt. You will see that BitLocker is added to your context menu. Now select Turn on BitLocker to start encrypting your drive and follow the instruction to complete the encryption process.
Upon following the above discussed steps, you can encrypt your Windows 7 hard disc drive.