How to enable BitLocker encryption on Windows 10

You can enable BitLocker to encrypt your data whether you use Windows 10 Pro or Home, and here's how.

Windows 10 BitLocker
Windows 10 BitLocker / Image: Mauro Huculak
  • To enable BitLocker on Windows 10 Pro, open Control Panel > System and Security > BitLocker Drive Encryption, click “Turn on BitLocker,” configure the unlock authentication, choose to encrypt used space only option and select the new encryption mode.
  • On Windows 10 Home, open Settings > Update & Security > Device encryption, and turn on the description feature.

On Windows 10, you can enable BitLocker, but the instructions will be slightly different depending on where you have Windows 10 Home or Pro, and in this guide, I will show you how.

In a nutshell, BitLocker is a security feature that protects your files using data encryption to prevent unauthorized access from hackers and prying eyes. The feature is available on Windows 10 Pro, Enterprise, and Education, and while it’s not available for the Home edition, the operating system offers a limited version of BitLocker known as “device encryption,” which is available on compatible devices (such as Surface Pro 9, Laptop 5, and others equipped with a Trusted Platform Module (TPM) 1.2, 2.0, or higher versions).

On Windows 10 Pro, you can turn on BitLocker without TPM using software-based encryption. However, it requires extra steps for additional authentication.

In this guide, I will teach you the easy steps to set up BitLocker on your computer regardless of the edition of Windows 10. (These instructions will also work in older versions, such as Windows 8 and 7.)

Enable BitLocker on Windows 10 Pro

To enable BitLocker on Windows 10 Pro, use these steps:

  1. Open Start on Windows 10.

  2. Search for Control Panel and click the top result to open the app.

  3. Click on System and Security.

  4. Click on BitLocker Drive Encryption.

    BitLocker Drive Encryption

  5. Click the “Turn on BitLocker” option under the “Operating system drive” section.

    BitLocker Windows 10 drive encryption

  6. Choose the authentication option to unlock the computer during startup – For example, “Enter a PIN.”

    BitLocker unlock drive startup option

  7. Configure the authentication method.

    Configure BitLocker PIN

    Quick tip: Instead of creating a second PIN, use the one you already have to sign in, but type twice, for example, 12341234.
  8. Click the Set PIN button.

  9. Select the option to backup the recovery key – For example, “Save to your Microsoft account.”

    Save to your Microsoft account

  10. Click the Next button.

  11. Select the “Encrypt used disk space only” option.

    Encrypt used disk space only

  12. Click the Next button.

  13. Select the “New encryption mode” option.

    New encryption mode

    Quick note: If you intend to encrypt a drive you will use on an older version of Windows, you should choose the “Compatible mode” option.
  14. Click the Next button.

  15. (Optional) Check the “Run BitLocker system check” option.

    Windows 10 BitLocker system check

  16. Click the Restart now button.

Once you complete the steps, the device will have to reboot to enable BitLocker.

If you used the Microsoft account option to save the BitLocker recovery key, then the keys will be stored in the device BitLocker recovery keys section of your account.

In case you want to disable BitLocker, open Control Panel > System and Security > BitLocker Drive Encryption, click “Turn off BitLocker,” and continue with the on-screen directions.

Enable BitLocker on Windows 10 Home

To turn on BitLocker on Windows 10 Home with a Trusted Platform Module (TPM), use these steps:

  1. Open Settings.

  2. Click on Update & Security.

  3. Click on Device encryption.

    Quick note: The settings page and option will only be available if the hardware is compatible and has a Trusted Platform Module (TPM) version 1.2 or later.
  4. Click the Turn on button.

    Windows 10 device encryption

Once you complete the steps, BitLocker will provide encryption for the full drive, and moving forward, all your new files will be encrypted.

At any time, you can disable BitLocker with the same instructions, but in step 4, click the “Turn off” button.

After turning on drive encryption on your computer, the only way to decrypt your files is by signing in to your account password. If you ever forget your password, never try to use third-party recovery tools to reset your password, as you will lose access to files forever.

About the author

Mauro Huculak is a Windows How-To Expert who started Pureinfotech in 2010 as an independent online publication. He has also been a Windows Central contributor for nearly a decade. Mauro has over 15 years of experience writing comprehensive guides and creating professional videos about Windows and software, including Android and Linux. Before becoming a technology writer, he was an IT administrator for seven years. In total, Mauro has over 21 years of combined experience in technology. Throughout his career, he achieved different professional certifications from Microsoft (MSCA), Cisco (CCNP), VMware (VCP), and CompTIA (A+ and Network+), and he has been recognized as a Microsoft MVP for many years. You can follow him on X (Twitter), YouTube, LinkedIn and About.me. Email him at [email protected].