BitLocker


Enable BitLocker without TPM.

As technology advances, the need for security in our devices also increases. Windows 10 Pro offers a feature called BitLocker, which can help protect your files from unauthorized access. However, not all devices have a Trusted Platform Module (TPM) chip that BitLocker requires to function. Don’t worry, though, as there is still a way to enable BitLocker on your device without a TPM.

In this post, we will guide you through the process of enabling BitLocker on your Windows 10 Pro device without a compatible TPM. We have also included a video tutorial that you can follow along with.

Step 0: Check if your device has a compatible TPM.

Before we get started, you should check if your device has a compatible TPM. To do this, press the Windows key + R on your keyboard to open the Run dialog box. Type tpm.msc and press Enter. If your device has a TPM, you will see a window that shows its status.

Step 1:

Follow the steps in the video to change the configuration of BitLocker so that it will allow you to set it up without a compatible TPM.

Step 2: Enable BitLocker

If your device does not have a compatible TPM, we can still enable BitLocker by using a password or USB key instead. To enable BitLocker, right-click on the drive you want to encrypt and select “Turn on BitLocker.”

Step 3: Choose your preferred unlock method

When prompted to choose an unlock method, select “Enter a password” or “Insert a USB flash drive.” If you select the USB option, you will need to insert the USB drive before proceeding.

Step 4: Choose how much of your drive to encrypt

You can choose to encrypt only the used space or the entire drive. Select your preferred option and click “Next.”

Step 5: Choose where to store your recovery key

Your recovery key is a backup that you can use to access your files if you forget your password or lose your USB key. Choose whether to save the recovery key to your Microsoft account, save it to a file, or print it. Make sure to store your recovery key somewhere safe.

Step 6: Begin the encryption process

Once you have chosen your settings and saved your recovery key, click “Start encrypting.” The encryption process may take some time, depending on the size of your drive.

Congratulations! You have successfully enabled BitLocker on your Windows 10 Pro device without a compatible TPM.

Please refer to the accompanying video for a visual guide and demonstration of the steps outlined in this post.


Increase BitLocker to 256-bit

Encryption is an essential security measure that helps protect your sensitive data from unauthorized access. One of the most popular encryption tools available for Windows 10 Pro is BitLocker, which can encrypt your entire hard drive or specific folders and files. By default, BitLocker uses 128-bit encryption, which is considered secure but not the most robust option. If you want to increase the encryption key to 256 bits, which is the highest level of encryption currently available, follow these steps:

In summary, increasing your BitLocker encryption key to 256 bits is an easy way to add more security to your data. With 256-bit encryption, you can rest assured that your sensitive data is well protected.


BitLocker needs your recovery key to unlock your drive because Secure Boot policy has unexpectedly changed

Oh, the joy of wrong configurations!

Recently, a person brought us this laptop to “fix.”
The previous day, the owner performed some Windows updates, and after restarting, the machine got this error.
After inquiring with him, we got the following information:

  • He did not possess a BitLocker recovery key with a length of 48 digits.
  • He had never even attempted to put one up, save it anywhere, or copy it to a USB drive, nor had he ever printed it off.
  • He logged into his Microsoft and Azure account, receiving the message “You don’t have any BitLocker recovery keys uploaded to your Microsoft account.” even though his device was listed there.
  • He could not locate the recovery key after attempting to follow the published instructions published by Microsoft.

If the information we got from that person is correct, then it means that the last Windows update cost that person inadvertently to lose all data that he did not back up in an external media or service. (Cracking the recovery key for BitLocker is, of course, out of the question for non-magical or extremely rich people with unlimited resources.)

Our only pieces of advice are the following:

  • Wait a few days before updating your PCs. Although this is not a safe practice, it might give the people responsible for this issue some time to fix it with a hotfix patch or similar.
  • In the meantime, perform timely backups of your data to external media or services.
  • If you are familiar with the Windows OS ecosystem, check your BitDefender settings. If that service is active and you do not have the recovery key, disable it and then reactivate it. It will produce a new pair of passwords and recovery keys that you can save for future use.