 |
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find solutions with any problems, errors or issues you are experiencing with Windows 7. The Windows 7 forum also covers news and updates and has an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.
Windows 7 - BitLocker Drive Encryption - Internal Data Hard Drives - Turn On or Off
BitLocker Drive Encryption - Internal Data Hard Drives - Turn On or Off How to Turn Windows 7 BitLocker On or Off for Internal Data Hard Drives
Published by Brink
03-07-2009
|  BitLocker Drive Encryption - Internal Data Hard Drives - Turn On or Off
How to Turn Windows 7 BitLocker On or Off for Internal Data Hard Drives  Information This will show you how to turn Windows 7 BitLocker Drive Encryption on or off for internal hard drives or partitions without a operating system installed on them. When BitLocker Drive Encryption is turned on for the selected internal data hard drive or partition, you will be required to either use a smart card or enter a password to unlock the drive before allowed access to it.
 Note When you add new files to the Windows 7 or other operating system drive or partition that is encrypted with BitLocker, BitLocker will encrypt them automatically. Files remain encrypted only while they are stored on the encrypted drive. Files will be decrypted if they are copied on another drive, partition, or computer. You can log on and work with your files normally, but BitLocker can help block hackers from accessing the system files they rely on to discover your password, or from accessing your drive by removing it from your computer and installing it in a different computer.
 Warning BitLocker is only available in the Windows 7 Ultimate and Enterprise editions.
EXAMPLE: A Internal Data (non-OS) Hard Drive with BitLocker turned on for it NOTE: This is what you will see when you attempt to open or access the encrypted internal data hard drive or partition after you have logged off or restarted the computer. You will then need to enter your password to unlock the drive to gain access. 
EXAMPLE: A Internal Data (non-OS) Hard Drive Locked and Unlocked by BitLocker NOTE: When you have BitLocker Drive Encryption turned on, then this is how you can tell if the drive is currently locked or unlocked in the Computer window.  
OPTION ONE
Turn On BitLocker and Encrypt a Internal Drive
1. Decide if you want 128-bit or 256-bit encryption.
NOTE: By default, Windows 7 will use AES encryption with 128-bit encryption keys and Diffuser unless changed already by you previously.
2. Open the Start menu and click on the Computer button, then right click on the non operating system internal drive or partition letter that you want to encrypt with BitLocker and click on Turn on BitLocker. (See screenshot below)
A) Go to step 5.
OR
4. Open the Control Panel (All Items view), and click on the BitLocker Drive Encryption icon.A) Click on Turn On BitLocker for non operating system internal drive or partition letter that you want to encrypt with BitLocker. (See screenshot below)
5. Select a option, say (check) Use a password to unlock the drive, then type in a password that is at least 8 numbers and/or letters long that you would like to use to unlock the drive with twice, and click on the Next button. (See screenshot below)
WARNING: Be sure to write down this password and keep it somewhere safe. The password you enter here will be required to be entered to unlock the drive to gain access to it.
Note Password
A password is a string of characters used to access information or a computer. For more information about passwords, see Tips for creating strong passwords and passphrases. - You can use a password to unlock fixed data drives (such as internal hard drives) and removable data drives (such as external hard drives and USB flash drives).
- Passwords allow you to use your encrypted drive on both home and work computers or share the drive with other people.
- The BitLocker To Go Reader allows you to unlock encrypted drives on computers running Windows Vista or Windows XP. To use the BitLocker To Go Reader, the drive must be formatted using the FAT file system and you must use a password to encrypt the drive.
- You can change your password in the BitLocker Drive Encryption Control Panel.
Smart card
A smart card is a small plastic card containing a computer chip. Smart cards are generally issued by information technology (IT) departments in large companies. To use a smart card, you also need a smart card reader—a device that’s installed in or connected to your computer and can read the information stored on a smart card. - Smart cards are used primarily in work environments.
- You will be required to use a BitLocker certificate that is provided by your system administrator. If you have multiple certificates, you might have to choose one.
- Smart cards cannot be used with the BitLocker To Go Reader, which allows you to unlock drives on computers running Windows Vista or Windows XP.
- To unlock the drive, you will insert your smart card and type your smart card PIN.
NOTE: When encrypting a drive using a smart card, a certificate-based protector will be created on the drive. This protector contains some unencrypted information that is required to unlock the drive. In the specific case where a certificate-based protector is used, the public key and certificate thumbprint of the certificate that was used to encrypt the drive will be stored unencrypted in the protector’s metadata. This information could be used to locate the certification authority (CA) that was originally used to generate the certificate and then try to extract some personal information. Automatically unlock
When you encrypt fixed data drives, you can choose to have the drive automatically unlock when you log on to Windows. - Removable data drives can be set to automatically unlock after they are encrypted by right-clicking the drive in the Computer folder, and then clicking Manage BitLocker.
NOTE: To be able to automatically unlock fixed data drives, the drive that Windows is installed on must also be encrypted by BitLocker.
6. Click on Save the recovery key to file option. (See screenshot below)
A) Select where you want to save this file at, and click on the Save button. (See screenshot below)
B) If prompted, click on Yes. (See screenshot below)
C) It is highly recommended that you save this file somewhere safe, and not on the encrypted drive. You will need the "BitLocker recovery key" number (bottom number in screenshot below) to gain access to you encrypted drive if you should forget the password, lose the smart card, or BitLocker locks the drive.
D) It is also recommended that you click on the Print the recovery key option as well to have a printed hard copy of the file to be extra safe. (See screenshot below step 6)
E) When done, click on the Next button. (See screenshot below step 6)
7. Click on the Start Encrypting button. (See screenshot below)
8. BitLocker will now start encrypting the drive. (See screenshot below)
NOTE: This may take a while to finish.
9. When it is finished, click on the Close button. (See screenshot below)
10. You will now have a Manage BitLocker option in the Control Panel and Computer for the encrypted drive. (See screenshots below) 
11. If you click on Manage BitLocker, these will be the options that you will have below. (See screenshot below)
12. You're done. The internal data drive or partition is now encrypted with BitLocker (turned on).
OPTION TWO
Turn Off BitLocker and Decrypt a Internal Drive
NOTE: If you do not care about losing all data on the drive/partition, then formating or using the clean command will allso turn off BitLocker for the drive/partition. 1. Open the Control Panel (All Items view), and click on the BitLocker Drive Encryption icon.
2. Click on Turn Off BitLocker for the non operating system internal drive or partition letter that you want to turn off BitLocker with. (See screenshot below)
3. Click on the Decrypt Drive button. (See screenshot below)
4. BitLocker will now start decrypting the drive. Click on the BitLocker icon in the taskbar notification area (far right) to see the encryption status. (See screenshot below)
NOTE: This may take a while to finish.
5. When finished, click on the Close button. (See screenshot below)
6. The Control Panel and Computer will now have the Turn On BitLocker option again for the selected drive.
7. You're done. The internal data drive or partition is now decrypted by BitLocker (turned off).
That's it,
Shawn |  Published by | | Administrator Join Date: Oct 2008 Location: Texas Posts: 37,303 | |
Tutorial Tools | | | |  | | | | | |
09-12-2009
|
#1 | |
|
Thank you Brink !!
I finally enabled BitLocker Drive Encryption on my WD 1TB hard drive.
Just a small ? when i reboot it shows locked, i enter the password, fine it unlocks, but how do i lock it again?
As a side note to people when encrypting a certain sized hard drive it may take, in my case, just under 3 hrs to fully encrypt a 1TB hard drive.
| My System Specs | | System Manufacturer/Model Number custom of course...built by grimreaper
OS Windows 7 Ultimate X64
CPU Intel Core 2 Quad Q9650 3.0GHz (3.6GHz 24/7) maxed 4.05GHz
Motherboard EVGA 790i Ultra SLi Model#132-CK-NF79-A1 BIOS P10
Memory 8GB OCZ DDR3 PC3-14400 @ 1800MHz NVIDIA SLi-Ready
Graphics Card 2XBFG GeForce GTX 280 OC Edition SLi'd
Sound Card SoundBlaster X-Fi Titanium Fatal1ty Pro Series
Monitor(s) Displays Samsung 52" 1080P LCD HDTV (LN52B550)
Screen Resolution 1920X1080 @ 60Hz
Keyboard Logitech cordless Y-RAJ56A piece of ****
Mouse Logitech G7 Laser Cordless mouse black
PSU ThermalTake ToughPower 1200W P/N:W0133RU Modularized
Case ThermalTake P/N: VH6000BWS Armor Full-Tower
Cooling ThermalTake SpinQ P/N: P0466 CPU Cooler
Hard Drives 3xWestern Digital WD1001FALS Caviar Black 1TB Hard Drive(s) RAID 0 x2 encased in 3xMasscool KuFormula SHF1 HDD Cooler(s)
Internet Speed 10 Mbps DL-1Mbps UL wirelessly DWA-552 extreme N
Other Info 1XSamsung DVD burner SH-S223Q/BEBN SATA
1XSamsung DVD burner SH-S223L/BEBN SATA
1XLG GGW-H20L Blu-Ray burner
4XCooler Master 120mm Blue LED SickleFlow 2000 RPM
1XBelkin UPS F6C1500TWRK) backup power supply
|
09-13-2009
|
#2 | |
Windows 7 Ultimate x64, XP Mode(VPC and VMLite), VM Player 4.02, W8 CPreview |
This one will definitely come in timely here!
In fact besides the two WD 1tb storage drives I will be looking at another 500gb test drive that no longer be used as an OS drive once 7 is out. This will secure data on that drive.  | | My System Specs | | OS Windows 7 Ultimate x64, XP Mode(VPC and VMLite), VM Player 4.02, W8 CPreview
CPU AMD Phenom II X4 Deneb 3.4
Motherboard Gigabyte GA-790XTA-UD4
Memory Kingston Hyper X DDR3 1600 8gb 1.5v
Graphics Card MSI Radeon 5750 1gb
Sound Card Creative Labs X-Fi XtremeGamer
Monitor(s) Displays 2 x Acer P191W 19" widesscreen
Screen Resolution 1440x900 native
Keyboard Microsoft Recusa Razor
Mouse MS Trackball Explorer
PSU Corsair 750TX
Case Antec 900-2 - SSD compatible
Cooling Zalman CNPS9900A
Hard Drives WD Black Edition 1tb Sata 6.0 = 2
WD Black Edition 1tb Sata 3.0 = 2 (OS drives)
WD 1tb Green Power sata = 2 1 external
usb flash drives = 15
Internet Speed 30mbps upgrade
|
09-13-2009
|
#3 | |
Windows 7 Ultimate x64 SP1 |
Hi Grim,
You will either need to log off, or restart the computer to lock the drive again, otherwise it will remain unlocked as long as you are still logged on.  | | My System Specs | | System Manufacturer/Model Number Self built custom
OS Windows 7 Ultimate x64 SP1
CPU Intel i7-980X 3.3 Ghz (3.48 Ghz OC'd)
Motherboard ASUS P6X58D Premium
Memory 12 GB (2GBx6) DDR3 PC3-16000 2000 MHz Kingston HyperX
Graphics Card Sapphire HD5870 Eyefinity 6 2GB
Sound Card Realtek HD Audio ALC889 Integrated Chip
Monitor(s) Displays 3x 27" Asus VE278Q
Screen Resolution 1920x1080
Keyboard Logitech Cordless Desktop MX 5500 Revolution
Mouse Logitech Cordless Desktop MX 5500 Revolution
PSU OCZ Series Gold OCZZ1000M 1000W
Case Corsair Obsidian 800D
Cooling Thermalright Ultra 120 Extreme Copper CPU heat sink w/120 MM
Hard Drives 160GB OCZ RevoDrive X2
** 2 x 1TB Samsung HDD HD154UI SATA
Internet Speed 50 Mb/s Download and 2 Mb/s Upload
Other Info Microsoft LifeCam Cinema
** Lite-On iHBS212 12x BD Writer
** Samsung CLX-3175FW Printer
** Netgear WNDR3800 Router
** Motorola SBG6580 Cable Modem
** 2x APC Back-UPS XS 1500
|
09-13-2009
|
#4 | |
|
ok I thought so...great feature anyways
Thank you again...Windows 7 is a beast i love it! | | My System Specs | | System Manufacturer/Model Number custom of course...built by grimreaper
OS Windows 7 Ultimate X64
CPU Intel Core 2 Quad Q9650 3.0GHz (3.6GHz 24/7) maxed 4.05GHz
Motherboard EVGA 790i Ultra SLi Model#132-CK-NF79-A1 BIOS P10
Memory 8GB OCZ DDR3 PC3-14400 @ 1800MHz NVIDIA SLi-Ready
Graphics Card 2XBFG GeForce GTX 280 OC Edition SLi'd
Sound Card SoundBlaster X-Fi Titanium Fatal1ty Pro Series
Monitor(s) Displays Samsung 52" 1080P LCD HDTV (LN52B550)
Screen Resolution 1920X1080 @ 60Hz
Keyboard Logitech cordless Y-RAJ56A piece of ****
Mouse Logitech G7 Laser Cordless mouse black
PSU ThermalTake ToughPower 1200W P/N:W0133RU Modularized
Case ThermalTake P/N: VH6000BWS Armor Full-Tower
Cooling ThermalTake SpinQ P/N: P0466 CPU Cooler
Hard Drives 3xWestern Digital WD1001FALS Caviar Black 1TB Hard Drive(s) RAID 0 x2 encased in 3xMasscool KuFormula SHF1 HDD Cooler(s)
Internet Speed 10 Mbps DL-1Mbps UL wirelessly DWA-552 extreme N
Other Info 1XSamsung DVD burner SH-S223Q/BEBN SATA
1XSamsung DVD burner SH-S223L/BEBN SATA
1XLG GGW-H20L Blu-Ray burner
4XCooler Master 120mm Blue LED SickleFlow 2000 RPM
1XBelkin UPS F6C1500TWRK) backup power supply
|
09-13-2009
|
#5 | |
Windows 7 Ultimate x64 SP1 |
You're welcome Grim. I agree. Windows 7 is so much better than Vista. I can't wait to see what all they may add or improve more in the years to come with Windows Updates. | | My System Specs | | System Manufacturer/Model Number Self built custom
OS Windows 7 Ultimate x64 SP1
CPU Intel i7-980X 3.3 Ghz (3.48 Ghz OC'd)
Motherboard ASUS P6X58D Premium
Memory 12 GB (2GBx6) DDR3 PC3-16000 2000 MHz Kingston HyperX
Graphics Card Sapphire HD5870 Eyefinity 6 2GB
Sound Card Realtek HD Audio ALC889 Integrated Chip
Monitor(s) Displays 3x 27" Asus VE278Q
Screen Resolution 1920x1080
Keyboard Logitech Cordless Desktop MX 5500 Revolution
Mouse Logitech Cordless Desktop MX 5500 Revolution
PSU OCZ Series Gold OCZZ1000M 1000W
Case Corsair Obsidian 800D
Cooling Thermalright Ultra 120 Extreme Copper CPU heat sink w/120 MM
Hard Drives 160GB OCZ RevoDrive X2
** 2 x 1TB Samsung HDD HD154UI SATA
Internet Speed 50 Mb/s Download and 2 Mb/s Upload
Other Info Microsoft LifeCam Cinema
** Lite-On iHBS212 12x BD Writer
** Samsung CLX-3175FW Printer
** Netgear WNDR3800 Router
** Motorola SBG6580 Cable Modem
** 2x APC Back-UPS XS 1500
|
09-13-2009
|
#6 | |
Windows 7 Ultimate x64, XP Mode(VPC and VMLite), VM Player 4.02, W8 CPreview |
I think we'll be looking for what new things find support in 7 and beyond in general as well as the new goods in the eventual service packs there too! | | My System Specs | | OS Windows 7 Ultimate x64, XP Mode(VPC and VMLite), VM Player 4.02, W8 CPreview
CPU AMD Phenom II X4 Deneb 3.4
Motherboard Gigabyte GA-790XTA-UD4
Memory Kingston Hyper X DDR3 1600 8gb 1.5v
Graphics Card MSI Radeon 5750 1gb
Sound Card Creative Labs X-Fi XtremeGamer
Monitor(s) Displays 2 x Acer P191W 19" widesscreen
Screen Resolution 1440x900 native
Keyboard Microsoft Recusa Razor
Mouse MS Trackball Explorer
PSU Corsair 750TX
Case Antec 900-2 - SSD compatible
Cooling Zalman CNPS9900A
Hard Drives WD Black Edition 1tb Sata 6.0 = 2
WD Black Edition 1tb Sata 3.0 = 2 (OS drives)
WD 1tb Green Power sata = 2 1 external
usb flash drives = 15
Internet Speed 30mbps upgrade
|
03-10-2010
|
#7 | |
|
Problem with BitLocker
Hi,
I was enabling BitLocker to my 16GB PNY pendrive. Unfortunately while the encryption was going on i clicked on pause. After that i am not able to use my Pen drive. it showed locked and when i enter the password it says " Request could not be performed because of I/O error". Then i tried clicking forget password and gave the key which got generated but that is also not working. It says wrong key.
When i plug my Pendrive to a machine with XP it says connect to a machine with Windows 7 and complete the encryption.
Kindly advice how to resolve it.
Santosh | | My System Specs | | System Manufacturer/Model Number HCL
OS Windows 7
CPU Intel Core2duo
Hard Drives 500Gb
|
03-10-2010
|
#8 | |
Windows 7 Ultimate x64, XP Mode(VPC and VMLite), VM Player 4.02, W8 CPreview |
Welcome to the Windows 7 Forums! SantoshVasudeva
With the process of encrypting the flash drive interrupted while in progress you may be forced to simply go into the Disk Management tool, right click on the item for the drive there, and select format! Going from 7 to XP would be another problem for the older version since the process was never completed in order to use on an older version or even taking with you to another machine entirely.
Hopefully you didn't have any unreplacable files already on the device since reformatting it to NTFS to make available again will wipe the flash drive completely. The next time I think you will be a little more cautious and allow the BitLocker to complete the process first however before trying to pause or simply go to use the drive itself.
Verify the next encryption is working well before placing any data on it just to be safe if you still go to use the tool. The tool does work but can be vulnerable at times so remember to back things up first before counting on the data you place on it to be locked up. | | My System Specs | | OS Windows 7 Ultimate x64, XP Mode(VPC and VMLite), VM Player 4.02, W8 CPreview
CPU AMD Phenom II X4 Deneb 3.4
Motherboard Gigabyte GA-790XTA-UD4
Memory Kingston Hyper X DDR3 1600 8gb 1.5v
Graphics Card MSI Radeon 5750 1gb
Sound Card Creative Labs X-Fi XtremeGamer
Monitor(s) Displays 2 x Acer P191W 19" widesscreen
Screen Resolution 1440x900 native
Keyboard Microsoft Recusa Razor
Mouse MS Trackball Explorer
PSU Corsair 750TX
Case Antec 900-2 - SSD compatible
Cooling Zalman CNPS9900A
Hard Drives WD Black Edition 1tb Sata 6.0 = 2
WD Black Edition 1tb Sata 3.0 = 2 (OS drives)
WD 1tb Green Power sata = 2 1 external
usb flash drives = 15
Internet Speed 30mbps upgrade
|
03-11-2010
|
#9 | |
|
Problem with BitLocker
Hi thanks for your help. I tried this option before posting my question here and it did not work. I am not able to format my Pen Drive. It gives an error saying format did not complete successfully. | | My System Specs | | System Manufacturer/Model Number HCL
OS Windows 7
CPU Intel Core2duo
Hard Drives 500Gb
BitLocker Drive Encryption - Internal Data Hard Drives - Turn On or Off problems? All times are GMT -5. The time now is 02:40 AM. |  |
