This convenient feature helps when users forget their passwords or USB key sticks, or in case the system was rebooted after an unattended updates installation. PCs connected to an Active Directory domain with BitLocker enabled can be automatically unlocked when the machine is still connected to the corporate network. If you use BitLocker as a corporate data protection tool, consider enabling the Network Unlock feature. Starting with Windows 8, you can use an operating system volume password to protect the operating system volume on a computer without TPM. But if configuring BitLocker after an update of the previous Windows version, you need to partition the drive onto a minimum of two volumes.īitLocker also supports the Trusted Platform Module (a hardware chip installed on the motherboard) that helps ensure that the computer has not been infected and data has not been changed when the system was offline. When BitLocker is installed on a new computer, Windows will automatically create the partitions that are required for BitLocker. You can enable full disk encryption from the Windows control panel once BitLocker is installed. To decrypt the partitions, you need to provide an encryption password by one of several supported methods: Entering a PIN or password or using the USB key.
#VERACRYPT WHOLE DISK HOW TO#
In this article, we are going to explain how to do this using BitLocker and its main open-source alternative, VeraCrypt.īitLocker can encrypt any disk partition (including the system drive) and make it unreadable for untrusted users after PC shutdown or reboot. That is why it is becoming more and more popular to encrypt system drives. If no one can read your data, you do not need to worry about it being stolen. You can mitigate them by using data encryption technologies. Data leaks and ransomware infections are common threats nowadays.