Hardware requirements for BitLocker Drive EncryptionBecause BitLocker stores its own encryption and decryption key in a hardware device that is separate from your hard disk, you must have one of the following: | • | A computer with Trusted Platform Module (TPM), which is a special microchip in some newer computers that supports advanced security features. If your computer was manufactured with TPM version 1.2 or higher, BitLocker will store its key in the TPM. | | • | A removable USB memory device, such as a USB flash drive. If your computer doesn’t have TPM version 1.2 or higher, BitLocker will store its key on the flash drive. |
To turn on BitLocker Drive Encryption, your computer’s hard disk must: | • | Have at least two partitions. One partition must include the drive Windows is installed on. This is the drive that BitLocker will encrypt. The other partition is the active partition, which must remain unencrypted so that the computer can be started. Once you've encrypted the drive Windows is installed on, you can also encrypt additional data drives on the same computer. | | • | Be formatted with the NTFS file system. | | • | Have a BIOS that is compatible with TPM and supports USB devices during computer startup. If this is not the case, you will need to update the BIOS before using BitLocker. For more information on updating your BIOS, see Update the BIOS for BitLocker Drive Encryption. |
 | To find out if your computer has Trusted Platform Module (TPM) security hardware | | | 1.
| Open Bitlocker Drive Encryption by clicking the Start button  , clicking Control Panel, clicking Security, and then clicking Bitlocker Drive Encryption.  If you are prompted for an administrator password or confirmation, type the password or provide confirmation. | | 2.
| If the TPM administration link appears in the left pane, your computer has the TPM security hardware. If this link is not present, you will need a removable USB memory device to turn on BitLocker and store the BitLocker startup key that you’ll need whenever you restart your computer. | |
|
Encryption
A way to enhance the security of a message or file by scrambling the contents so that it can be read only by someone who has the appropriate key to unscramble it.
Group Policy
An administrative tool for managing user settings and computer settings across a network.
Key
In encryption, authentication, and digital signatures, a value used in combination with an algorithm to encrypt or decrypt information.
Partition
Part of a computer hard disk that functions like a separate disk. Separate, formatted partitions share your computer's memory and storage space. Partitions allow you to install more than one operating system on the computer.
USB flash drive __elbasuer__ USB flash drive
A small device used to store information. USB flash drives plug into computer USB ports so you can copy information to or from them, making it easy to share and transport information.
Basic input/output system (BIOS) __elbasuer__ Hard disk
The primary storage device located inside a computer. Also called a hard drive or hard disk drive, it is where your files and programs are typically stored.
NTFS file system __elbasuer__ NTFS file system
A file system for formatting computer hard disks so they can store information. NTFS provides several improvements over earlier file allocation table (FAT) file systems, including file and folder permissions, encryption, and file compression.
|
Help and How-to
