Enabling Bitlocker

Follow the next steps to enable Bitlocker:
  1. Enable BitLocker:
  • Open Control Panel.
  • Click the BitLocker Drive Encryption icon.
  • Click the Turn on BitLocker option.
  • Select the desired option to back up the recovery key.
  • Click the Next button. Select the desired method of encryption (used disk space only or the entire drive).
  • Click the Next button.
  • Select the desired encryption mode (new encryption or compatible).
  • Click the Next button.
  • If desired, check the Run BitLocker system check option.
  • Click the Start encrypting button.
 
  1. Enable the pre-boot PIN:
  • Open the Local Group Policy Editor (press the key combination Windows + R, type gpedit.msc and press Enter).
  • Go to Computer Configuration > Administrative Templates > Windows Components > BitLocker Drive Encryption > Operating System Drives.
  • Double-click the Require additional authentication at the startup option.
  • Select Enabled.
  • In the Options window, under Configure TPM startup PIN, select Require startup PIN with TPM.
  • Click the OK button.
  • Double-click the Enable use of BitLocker authentication requiring preboot keyboard input on the slates option.
  • Select Enabled.
  • Click the OK button.
The result should be as below.
image.png
  1. Set the desired PIN:
  • Open a Command Prompt with administrator rights (in the search bar, type cmd, click and hold the Command Prompt icon and select Run as administrator). You must see Administrator: Command Prompt in the window title.
  • Type manage-bde -protectors -add c: -TPMAndPIN and press Enter.
  • Enter the desired PIN and press Enter.
  • Repeat the same PIN to confirm and press Enter.
  • The result should be as below.
  • 0 Users Found This Useful
這篇文章有幫助嗎?