How to Enable or Disable BitLocker with TPM in Windows (2024)

Table of Contents
Table of Contents: Enabling and Disabling BitLocker in Windows7, Windows8, Windows10 and Windows11 1. Enabling the TPM 2. Enabling BitLocker in the operating system 3. Checking BitLocker status (Manage BitLocker Console) 4. Checking BitLocker Status (Command Line) 5. Suspending BitLocker 6. Disabling BitLocker 7. BitLocker Encryption Videos Recommended Articles FAQs

Table of Contents:

  1. Enabling the TPM
  2. Enabling BitLocker in the operating system
  3. Checking BitLocker status (Manage BitLocker Console)
  4. Checking BitLocker Status (Command Line)
  5. Suspending BitLocker
  6. Disabling BitLocker
  7. BitLocker Encryption Videos

Enabling and Disabling BitLocker in Windows7, Windows8, Windows10 and Windows11

Windows BitLocker has become a solution for Users to secure their data. The following is how to enable and disable BitLocker using the standard methods.

This article does not discuss the utilization of a USB as a TPM replacement and does not discuss Group Policy changes for advanced features. Domain level Group Policy changes and network-managed BitLocker setups are Best Effort and are out of the scope of support. Supported configurations are limited to single computers and locally managed BitLocker setups.

NOTE: Systems with Skylake chipsets need a specific setup in order for BitLocker to work correctly. If a Skylake computer is prompting for the recovery key even with the following settings, ENSURE that the BIOS is up to date.

  • All Operating Systems that are configured in Legacy Boot Mode must use TPM 1.2. It is recommended that the BIOS be updated to the latest revision.
  • All Operating Systems that are configured in UEFI Boot Mode can use either TPM 1.2, or TPM 2.0. It is recommended that the BIOS be updated to the latest revision.
  • If a Windows 7 computer is configured for UEFI Boot Mode, this patch must be applied in order to use TPM 2.0: Microsoft TPM 2.0 Patch How to Enable or Disable BitLocker with TPM in Windows (1)
  • Exceptions to this are the Latitude 5175 and Latitude 7275, both of which only have TPM 2.0 and cannot downgrade to 1.2.

NOTE: For full, up-to-date requirements, see Microsoft's BitLocker requirements here: https://technet.microsoft.com/en-us/library/dd835565(WS.10).aspx How to Enable or Disable BitLocker with TPM in Windows (2)

1. Enabling the TPM

NOTE: Ensure that the TPM is Activated or Enabled after switching it on, if the option is present. Switching the TPM on does not automatically enable it to communicate with the operating system. Enabling the TPM is necessary for the operating system to take ownership of the TPM chip to store encryption keys.

  1. Turn the computer on.
  2. As the computer performs POST, press the hotkey (usually F2, or Delete) to enter the BIOS.
  3. Once in the BIOS, locate the section that configures Security.
  4. In the Security section, locate the TPM option.
  5. Select the TPM 2.0 or 1.2 section on the left.

    How to Enable or Disable BitLocker with TPM in Windows (3)
    Figure 1: (English Only)Select the TPM 2.0 or 1.2

  6. Check the TPM box on the right to turn on the TPM.
  7. After switching the TPM on, select the option to Activate or Enable the TPM

    How to Enable or Disable BitLocker with TPM in Windows (4)
    Figure 2: (English Only) Select the option to Activate or Enable the TPM

  8. After the TPM has been activated and enabled, click Save changes and Exit the BIOS.


Back to Top

2. Enabling BitLocker in the operating system

  1. Turn the computer on.
  2. Sign into the operating system as normal.
  3. Get to the BitLocker management section in one of the following ways:

    Windows 7


    Windows 8


    Windows10 and Windows11

    See Also
    If your passwords are less than 8 characters long, change them immediately, a new study saysHow secure is bitlocker - Encryption Methods and ProgramsCzasy szyfrowania Bitlocker — bezpieczeństwo jest warte czekania.What’s the deal with encryption strength —is 128 bit encryption enough or do you need more?

    Windows BitLocker How to Enable & Disable

    Duration: 01:39
    Closed captions: English only

    1. Start Menu path.
      1. Click the Windows Start Menu button.
      2. In the search box, type "Manage BitLocker."
      3. Press Enter or click the Manage BitLocker icon in the list.
    2. Control Panel path
      1. Click the Windows Start Menu button.
      2. Click the Control Panel.
      3. Click System and Security.
      4. Click any option under BitLocker Drive Encryption.
    3. Hard drive path
      1. Open Computer or My Computer
        • Alternatively, click the File Explorer icon and select your computer.
      2. Select the Encryption:\ (or Windows computer) drive.
      3. Right-click the drive that you selected.
      4. Click Turn on BitLocker.

        Note: This skips the initial BitLocker screen.

    4. App Screen path
      1. Click the Windows Start Menu button.
      2. Open the search box, type "Manage BitLocker."
      3. Press Enter or click the Manage BitLocker icon in the list.
    5. Control Panel path
      1. Click the Windows Start Menu button.
      2. Open the search box, type Control Panel.
      3. Click System and Security or search BitLocker in the Control Panel window.
      4. Click any option under BitLocker Drive Encryption.
    6. Hard drive path
      1. Open Computer or My Computer
        • Alternatively, click the File Explorer icon and select your computer.
      2. Select the C:\ (or Windows computer) drive.
      3. Right-click the drive that you selected.
      4. Click Turn on BitLocker.

        Note: This skips the initial BitLocker screen.

    7. Start Menu path.
      1. Click the Windows Start Menu button.
      2. Windows 10: In the search box, type "Manage BitLocker."
        Windows 11: In the search box, type "Device Encryption."
      3. Press Enter or click the Manage BitLocker icon in the list.
    8. Control Panel path
      1. Right-Click on the Windows Start Menu button.
      2. Click the Control Panel.
      3. Click System and Security.
      4. Click any option under BitLocker Drive Encryption.
    9. Settings path
      1. Click the Windows Start Menu button.
      2. Click the Settings icon.
      3. In the search box, type "Manage BitLocker."
      4. Press Enter or click the Manage BitLocker icon in the list.
    10. Hard drive path
      1. Open Computer or My Computer
      2. Select the C:\ (or Windows computer) drive.
      3. Right-click the drive that you selected.
      4. Click Turn on BitLocker.

        Note: This skips the initial BitLocker screen.

  4. In the BitLocker Management screen, click Turn on BitLocker.

    How to Enable or Disable BitLocker with TPM in Windows (5)
    Figure 3: (English Only) Click Turn on BitLocker

  5. BitLocker goes through a short initialization process.

    How to Enable or Disable BitLocker with TPM in Windows (6)
    Figure 4: (English Only) Starting BitLocker

  6. Choose one of three options for saving the recovery key.

    How to Enable or Disable BitLocker with TPM in Windows (7)
    Figure 5: (English Only) Save the recovery key

Caution: This key must be saved in a safe location. If access to the drive is ever needed, this is the recovery key that is used to access the drive. If the key is lost, there is no option for recovering data from a locked drive, and the operating system must be reinstalled. This key is unique for each computer and only works on the computer that it was created for.

How to Enable or Disable BitLocker with TPM in Windows (8)
Figure 6: (English Only) Save key in a safe location

  1. After saving the passwordfile, clickNext.
  2. Select one of the volume encryption options.
    1. Encrypt entire hard drive.
      • This encrypts all space on the hard drive regardless of whether it is used. This takes longer to process the encryption.
    2. Encrypt on used space.
      • This only encrypts space on the hard drive as it is filled with data and leave free space unencrypted. This is preferred for basic encryption as it is faster.

        How to Enable or Disable BitLocker with TPM in Windows (9)
        Figure 7: (English Only) Choose how much of your drive to encrypt

  3. After selecting encryption option, click Next.
  4. Choose the type of encryption to use if you get the encryption type selection.
  5. Click Next
  6. Check that the box labeled "Run BitLocker system check."

    How to Enable or Disable BitLocker with TPM in Windows (11)
    Figure 9: (English Only) Check Run BitLocker system check

  7. Click Continue
  8. Restart the computer after verifying the settings to begin the encryption.

    NOTE: Encryption can take anywhere from 20 minutes to a couple hours depending on the amount of data that has been encrypted, the speed of the computer, and whether the process is interrupted by the computer being turned off or going to sleep. The BitLocker encryption does not start until the computer is restarted. If work must be completed, it is safe to complete work and save it before restarting.

    How to Enable or Disable BitLocker with TPM in Windows (12)
    Figure 10: (English Only) Restart computer to begin encryption


Back to Top

3. Checking BitLocker status (Manage BitLocker Console)

  1. Open the Manage BitLocker console with one of the methods previously described.
  2. View the status that is reported in the console.
    • If encrypting, the status shows that BitLocker is encrypting.
    • If encrypted, the status shows that BitLocker is on and show a lock icon.

      How to Enable or Disable BitLocker with TPM in Windows (13)
      Figure 11: (English Only) Checking BitLocker status using BitLocker Console

Back to Top

4. Checking BitLocker Status (Command Line)

  1. Open a command prompt window.
  2. Click the Windows Start button, type cmd and press Enter.
  3. Press and hold the Windows button on the keyboard and R, type cmd and press Enter.
  4. Right-click Command Prompt and select "Run as Administrator."
  5. In the command prompt, type manage-bde -status and press Enter.
  6. View the status of BitLocker on the drives in the computer.

    How to Enable or Disable BitLocker with TPM in Windows (14)
    Figure 12: (English Only) Checking BitLocker Status using Command Line

Back to Top

5. Suspending BitLocker

Note: Suspending BitLocker temporarily may be required for certain computer maintenance and updates. When updating the BIOS, ALWAYS suspend BitLocker prior to running the update. If BitLocker is active during the update, all stored keys on the TPM are LOST.

  1. Start the computer.
  2. Boot into the Windows operating system.
  3. Open the Manage BitLocker windows with one of the above methods.
  4. Click Suspend Protection for the wanted drive.

    How to Enable or Disable BitLocker with TPM in Windows (15)
    Figure 13: (English Only) Suspending BitLocker

  5. Review the warning prompt and click Yes to suspend BitLocker.

    How to Enable or Disable BitLocker with TPM in Windows (16)
    Figure 14: (English Only) Review the warning and click Yes to suspend BitLocker

  6. Return to the Manage BitLocker window to Resume Protection.

    How to Enable or Disable BitLocker with TPM in Windows (17)
    Figure 15: (English Only) Click Resume protection to Resume BitLocker protection

Back to Top

6. Disabling BitLocker

NOTE: Decryption can take anywhere from 20 minutes to a couple of hours. The time depends on the amount of data that has been encrypted, the speed of the computer, and whether the process is interrupted. Interruptions includethe computer being turnedoff or going to sleep. Progress can be checked at any time using one of the previous methods for checking BitLocker status.

  1. Start the computer.
  2. Boot into the Windows operating system
  3. Open the Manage BitLocker windows with one of the above methods.
  4. Click Turn off BitLocker.

    How to Enable or Disable BitLocker with TPM in Windows (18)
    Figure 16: (English Only) Click turn off BitLocker to disable BitLocker

  5. Confirm the decision to turn off BitLocker.

    How to Enable or Disable BitLocker with TPM in Windows (19)
    Figure 17: (English Only) Confirm the decision to turn off BitLocker

  6. Allow the computer to decrypt.

Back to Top

7. BitLocker Encryption Videos

Encrypt Your Drive With BitLocker.

Resolve BitLocker Recovery Key Prompts

Back to Top

Recommended Articles

Here are some recommended articles related to this topic that might be of interest to you.

  • How to Retrieve a BitLocker Recovery Password or Key Package Using the Dell Data Security Recovery Portal
  • Updating the BIOS on Dell Systems With BitLocker Enabled
  • BitLocker fails to turn on or prompts for the Recovery Key rebooting with Windows 10, UEFI, and the TPM 1.2 Firmware
  • How to Use BitLocker with PIN
  • How to Locate the BitLocker Key Identifier for a BitLocker Protected Drive
  • BitLocker Error When Using TPM in 1.2 Mode After Updating the BIOS
  • Resolving a TPM Error Seen During BitLocker Encryption on a Dell PC
  • How to Troubleshoot and Resolve Common Issues with Trusted Platform Module (TPM) and BitLocker
  • BitLocker is Prompting for a Recovery Key, and You Cannot Locate the Key
  • BitLocker Asks for a Recovery Key Every Boot on USB-C/Thunderbolt Computers When Docked or Undocked
  • Automatic Windows Device Encryption or BitLocker on Dell Computers
  • Dell BIOS Updates

How to Enable or Disable BitLocker with TPM in Windows (20)
More information and support for your Windows operating systems can be found on our Windows Support webpage.

How to Enable or Disable BitLocker with TPM in Windows (21) Out of warranty? No problem. Browse to the Dell.com/support website and enter your Dell Service Tag and view our offers.

NOTE: Offers are only available for US, Canada, UK, France, Germany, China, and Japan personal computer customers. Server and Storage not applicable.

How to Enable or Disable BitLocker with TPM in Windows (2024)

FAQs

How do I disable BitLocker in TPM? ›

Open Local Computer Policy > Computer Configuration > Administrative Templates > Windows Components > BitLocker Drive Encryption > Operating System Drives. Edit Require additional authentication at startup policy. Set the policy to Enabled and make sure Allow BitLocker without a compatible TPM is checked.

Read On
How do I enable BitLocker on TPM? ›

  1. Enabling the TPM. #Turn the computer on. #As the computer performs POST, press the hotkey (F2 or Delete) to enter the BIOS. ...
  2. Boot and enter the operating system, and check the TPM device using Device Manager.
  3. Enabling BitLocker in the operating system. 3-1. ...
  4. In the BitLocker Management screen, click Turn on BitLocker.

Discover More Details
How do I enable and disable BitLocker in Windows? ›

Click Start, click Control Panel, click System and Security, and then click BitLocker Drive Encryption. Look for the drive on which you want BitLocker Drive Encryption turned off, and click Turn Off BitLocker. A message will be displayed, stating that the drive will be decrypted and that decryption may take some time.

Continue Reading
How do I enable BitLocker PIN in TPM? ›

Launch an Admin Command Prompt (Elevated Command Prompt).
  1. Excluding the quotation marks, enter the command manage-bde -protectors -add c: -TPMAndPIN .
  2. You will be prompted to enter the PIN. ...
  3. Hit the Enter key to save the PIN, and you will be prompted to enter the PIN again to confirm.
Jan 30, 2024

See Details
Does TPM control BitLocker? ›

BitLocker encrypted devices use the TPM chip to verify the integrity of early boot components and boot configuration data. This helps ensure that BitLocker makes the encrypted drive accessible only if those components have not been tampered with and the encrypted drive is located in the original computer.

Find Out More
Can you disable TPM in Windows? ›

If you want to stop using the services that are provided by the TPM, you can use the TPM MMC to turn off the TPM. Open the TPM MMC ( tpm. msc ). In the Action pane, select Turn TPM Off to display the Turn off the TPM security hardware page.

Tell Me More
How do I force BitLocker to enable? ›

Enable BitLocker
  1. Navigate to Start and open Control Panel.
  2. Under System and Security, navigate to BitLocker Drive Encryption > Operating System Drive > Turn on BitLocker.

Show Me More
Why is there no option to turn off BitLocker? ›

This issue is caused by Windows account permissions limitation, login to the administrator account to disable BitLocker: Right-click Windows Start button (or Press the Windows Key + x) Click Computer Management. Double click Local Users and Groups.

Explore More
How do I disable BitLocker in Command Prompt? ›

Open the Start menu and type "manage BitLocker." Open the "Manage BitLocker" option and expand the drive you want to decrypt. Click "Turn off BitLocker." Open the Command Prompt as an Administrator and type "manage-bde -off <drive letter>:" and press Enter.

Continue Reading
How to tell if BitLocker is enabled? ›

Checking BitLocker Status (Command Line)

Right-click Command Prompt and select "Run as Administrator." In the command prompt, type manage-bde -status and press Enter . View the status of BitLocker on the drives in the computer.

Show Me More

What is the difference between TPM and PIN in BitLocker? ›

TPM with PIN: in addition to the protection that the TPM provides, BitLocker requires that the user enters a PIN. Data on the encrypted volume can't be accessed without entering the PIN. TPMs also have anti-hammering protection that is designed to prevent brute force attacks that attempt to determine the PIN.

Read The Full Story
Can I turn on BitLocker without TPM? ›

So if you enable BitLocker with TPM, you can use PIN to unlock your BitLocker drive, which provides more security. BitLocker can be enabled without TPM as we all know, but in that case you won't be able to use PIN to unlock encrypted drive. You've to use password then.

See Details
How do I permanently disable BitLocker? ›

  1. Type and search [Manage BitLocker] in the Windows search bar①, then click [Open]②.
  2. Click [Turn off BitLocker]③ on the drive that you want to decrypt. ...
  3. Confirm whether you want to decrypt your drive, then select [Turn off BitLocker]④ to start turning off BitLocker, and your drive will not be protected anymore.
Oct 24, 2023

Get More Info Here
How do I clear my TPM key BitLocker? ›

Navigate to Settings > Security > TPM Security. Note if it says "TPM" or "TPM 2" Click the "Clear" radio button or checkbox. If prompted about clearing the TPM chip, click yes/ok.

Continue Reading
How do I get out of BitLocker mode? ›

To exit the BitLocker recovery screen, you will need to enter the recovery key. The recovery key is a 48-digit code that was provided to you when you first enabled BitLocker on your device. If you don't have the recovery key, you can't enter the drive.

View More
Why can't I turn off BitLocker on Windows 11? ›

Disable BitLocker as Administrator. This “can't turn off BitLocker” issue may be caused by Windows account permissions limitation. So, you should log in to the administrator account to disable BitLocker.

View Details
Top Articles
Enable and update Microsoft Defender Antivirus on Windows Server - Microsoft Defender for Endpoint
Digital Wallets (Apple Pay, Google Pay, PayPal One Touch, Venmo)
Foxy Roxxie Coomer
AllHere, praised for creating LAUSD’s $6M AI chatbot, files for bankruptcy
Truist Bank Near Here
It's Official: Sabrina Carpenter's Bangs Are Taking Over TikTok
Is pickleball Betts' next conquest? 'That's my jam'
Missing 2023 Showtimes Near Cinemark West Springfield 15 And Xd
Chase Bank Operating Hours
Craigslist Parsippany Nj Rooms For Rent
Bucks County Job Requisitions
City Of Spokane Code Enforcement
Garrick Joker'' Hastings Sentenced
Jasmine Put A Ring On It Age
Los Angeles Craigs List
Gwdonate Org
Burn Ban Map Oklahoma
Kris Carolla Obituary
2016 Ford Fusion Belt Diagram
Gon Deer Forum
Overton Funeral Home Waterloo Iowa
Driving Directions To Bed Bath & Beyond
라이키 유출
A Biomass Pyramid Of An Ecosystem Is Shown.Tertiary ConsumersSecondary ConsumersPrimary ConsumersProducersWhich
Craigslist Personals Jonesboro
Georgia Cash 3 Midday-Lottery Results & Winning Numbers
Toothio Login
Sherburne Refuge Bulldogs
Cpt 90677 Reimbursem*nt 2023
Craigslist Ludington Michigan
Pixel Combat Unblocked
1636 Pokemon Fire Red U Squirrels Download
Tottenham Blog Aggregator
Pfcu Chestnut Street
Metro By T Mobile Sign In
Does Iherb Accept Ebt
Synchrony Manage Account
In Polen und Tschechien droht Hochwasser - Brandenburg beobachtet Lage
Amc.santa Anita
Strange World Showtimes Near Century Stadium 25 And Xd
Spurs Basketball Reference
Port Huron Newspaper
Tacos Diego Hugoton Ks
Phmc.myloancare.com
Dying Light Mother's Day Roof
Das schönste Comeback des Jahres: Warum die Vengaboys nie wieder gehen dürfen
Mlb Hitting Streak Record Holder Crossword Clue
Random Warzone 2 Loadout Generator
Quest Diagnostics Mt Morris Appointment
What Time Do Papa John's Pizza Close
Fallout 76 Fox Locations
Latest Posts
How to use telephone banking
About – OrbiMed
Article information

Author: Ouida Strosin DO

Last Updated:

Views: 5856

Rating: 4.6 / 5 (56 voted)

Reviews: 95% of readers found this page helpful

Author information

Name: Ouida Strosin DO

Birthday: 1995-04-27

Address: Suite 927 930 Kilback Radial, Candidaville, TN 87795

Phone: +8561498978366

Job: Legacy Manufacturing Specialist

Hobby: Singing, Mountain biking, Water sports, Water sports, Taxidermy, Polo, Pet

Introduction: My name is Ouida Strosin DO, I am a precious, combative, spotless, modern, spotless, beautiful, precious person who loves writing and wants to share my knowledge and understanding with you.