BitLocker is popular security and antimalware tool for Windows users that securely encrypts the entire hard drive and similar storage devices. It provides firmware level security to prevents boot sector viruses to damage your computer functioning. Initially, it is available for Windows 8.1 pro and Windows 8.1 enterprise edition. However, if you don’t see it enabled, contact your IT dept. to make BitLocker enabled for your PC.
Microsoft has taken this security tool to next level by making it enable for securing data on the portable devices, such as your external hard drive using BitLocker to Go feature. It helps protect user data stored on removal devices by means of password or smart card and prevents hackers or malware to get into the protected drive and infect the stored content.
Steps to protect removable devices
Press ‘Window + Q’ and type BitLocker in the search text box, Click on ‘Manage BitLocker’ to open settings on the control panel. Alternatively, copy and paste the location mentioned below to directly open ‘BitLocker Drive Encryption’ window.
Control Panel\All Control Panel Items\BitLocker Drive Encryption
By default, BitLocker To Go features is off and you need to make it enable. Click on removable drive icon under ‘Removal Data Drives – BitLocker To Go’ section to open the drop down menu. Click on ‘Turn on BitLocker’ to encrypt this drive using BitLocker.
There are mainly two types of decrypt methods you can use to decrypt the data stored on removable storage device: ‘Use a password’ or ‘Use a smart card’. Initially, you can use password to encrypt the stored content and reenter it to confirm. Make a note or take print out of the password you’ve entered as you’ll need it to access encrypted hard drive whenever you plug it to the same computer or different at later stage.
However, Microsoft offers three convenient way to recover passwords if you’ve forgotten it. You can save details to your Microsoft account, save it to the text file or take a print out of the recovery key.
Note: Recovery drive is a 48 digit numeric combination that you’ll need to enter to unlock your drive. However, this option additionally requires ‘Identifier’ value to be the same with the combination displayed on your PC during the process of unlocking your drive. If the sequences are same, only then you may able to use the recovery key to unlock your drive.
Once you lost the recovery key or forgot the password you’ve set previously, you are out of the game. You’ll no longer be able to access data and formatting will be the last resort by agreeing that you may not able to see the encrypted hard drive content forever. There are no such that can recover data from an encrypted hard drive or the drive protected using BitLocker.
You can encrypt the entire hard such as one of your hard drive partitions containing sensitive information. Alternatively, you can also encrypt only the used space on a brand new drive or computer. Any newly added data to the fresh drive will be automatically encrypted.
It is recommend to encrypt the entire drive if it’s an older drive and more susceptible to get infected. Encrypting drive may takes time little longer than expected, depending on the capacity. Let the encryption complete successfully because your data won’t be protected until the encryption process is completed. You’ll get a confirmation dialog box when the encryption is completed, click on ‘Close’ button to finish the task.
Further, you can ‘Backup your recovery’, ‘Change Password’, ’Remove password’, ‘Add Smart Card’, ‘Turn on Auto Unlock’ and ‘Turn Off BitLocker’.
What if you encrypt the operating system drive?
Securing your bootable drive is always a good idea as it prevents any rootkits virus to enter into your PC and alter the BIOS settings, later making your PC unbootable or inaccessible. Once the boot drive is protected using BitLocker, it’ll perform thorough scan at startup and prevents any programs or application to start that looks suspicious or providing from untrusted source. In some cases, BitLocker will locks the system drive if any unattended BIOS changes were made or any startup files has been removed since the last start. It can cause your system to lock and you’ll need special recovery key to unlock the computer.
What is BitLocker To Go reader
As already stated, BitLocker encryption is available only on the selected flavor of operating system. What if you are sitting on any older version of Windows, can say Vista, Windows 7 or XP etc. and desperately want to read the encrypted hard drive content. BitLocker to Go reader is a specially created to address such needs which lets you explore the encrypted drive data as well as copy/move it to any other removal devices or internal storage device. However, once the data is copied from the encrypted drive, it will not be protected and can be easily accessed, modified or even deleted.
Note: This program won’t allow you to decrypt the entire drive or save data to the encrypted drive. Moreover, you’ll also need to enter password for BitLocker protected drive to read the stored content.