How to enable BitLocker system drive encryption on Windows 10 Home
So here we go..
Prerequisites
- Disk with GPT (GUID Partition Table)
- Dedicated TPM module (v1.2+) or enabled Intel PTT in BIOS (not sure if AMD has such alternative)
Now how to check this ?
(Run all commands from now on in cmd.exe as admin)
powershell Get-Disk 0 | findstr GPT && echo This is a GPT system disk!
powershell Get-WmiObject -Namespace "root/cimv2/security/microsofttpm" -Class WIN32_tpm | findstr "IsActivated IsEnabled IsOwned SpecVersion"
This must return 3 True values and spec version 1.2 or higher (first number).
If your device meets the prerequisites
Access windows 10 Advanced Startup Options (press reboot while holding shift button)
go in to Troubleshoot > Advanced Options > Command Prompt
Login with your account that has admin privileges and type this to start encryption:
manage-bde -on c: -used
Once this is done, close the command prompt and continue to windows where perform following:
manage-bde c: -protectors -add -rp -tpm
manage-bde -protectors -enable c:
manage-bde -protectors -get c: > %UserProfile%\Desktop\BitLocker-Recovery-Key.txt
!!! Backup your BitLocker-Recovery-Key.txt which will be located on your desktop.
And voila, data on your system drive will soon be encrypted and protected
To check status of encryption use manage-bde -status
The way I do this is to encrypt the hard drive with Windows 10 Home on a Windows 10 Pro machine.
Either unplug the Windows 10 home drive from the PC then plug it into a PC or the other way around and just select which drive to boot, both works for me.