BitLocker: Encrypting used space only or full space?

I'm having a new 8 TB hard drive and I would like to encrypt it. I know that encrypting the full space would take hours or days. Since it's new and there isn't data on it yet, I'm considering to encrypt the used space only.

How secure is that and what would you suggest me if there is a better option or alternative?


Used Disk Space Only encryption means that only data that is used now or is written in the future will be encrypted.

In your case, this is every bit as secure as encrypting the whole disk, since the disk is new and never had any data on it.

The reason that not ever having any data is important, is because sectors containing deleted files are not marked as used, so are not encrypted and can be read by forensic programs as plain-text. But as this is not your case, you are safe from this particular attack.


I'm having a new 8 TB hard drive and I would like to encrypt it. I know that encrypting the full space would take hours or days.

BitLocker is Full Disk Encryption (FDE). By default if you encrypt a particular partition the entire partition is encrypted. You can continue to use your system while the encryption process happens.

I'm considering to encrypt the used space only.

You can select the less secure option to only encrypt the used space on the partition.

BitLocker in Windows 10 lets users choose to encrypt just their data. Although it's not the most secure way to encrypt a drive, this option can reduce encryption time by more than 99 percent, depending on how much data that needs to be encrypted.

Source: What is Used Disk Space Only encryption?

How secure is that and what would you suggest me if there is a better option or alternative?

Choosing to only encrypt the used space on the partition is indeed less secure than encrypting the entire partition. Only you can decide if BitLocker satisfies your security requirements. There is only one alternative to BitLocker that is actually supported and actively developed.