BitLocker was first introduced by Microsoft in Windows Vista. Like Ultimate and Enterprise editions of Vista and Windows 7, this feature is also present in Windows 8 Pro and Enterprise editions.
What is BitLocker?
BitLocker is a logical volume encryption program. Using BitLocker you can protect an entire volume from unauthorized access. By default BitLocker uses Advanced Encryption Standard (AES) encryption algorithm in Cipher block chaining (CBC) mode with a 128 bit security key. It also includes the
Elephant diffuser (Microsoft removed Elephant Diffuser from Windows 8 by NSA request) to provide additional disk encryption-specific security, which cannot be provided by Advanced Encryption Standard.
You must need to have at least two NTFS volumes to use BitLocker. One volume is where your operating system is installed and another is system volume (minimum of 100 MB) from where the OS boots. You cannot use BitLocker for system volume. If you have set BitLocker on for a volume, you will need to have the password to open it. No doubt, it is a good encryption and security tool. But the security is not unbreakable. If your machine is turned on, then the keys are stored in the physical memory of your machine. The keys can be read by a process that can access physical memory, e.g. through a 1394 DMA channel.
Follow the steps below to enable BitLocker in your Windows 8 PC.
Steps to Enable BitLocker
1. First of all right-click on a drive, and select Turn on BitLocker option.
2. Now, you will ask to choose a password. Confirm it by retyping the password and click Next.
3. Now, you will be asked to take back up of your recovery key. In case, if you forget your password, this recovery key will be needed to unlock the drive. There are several ways to back up the key. You can select Save to your Microsoft account option to store it. You can also store it into a USB flash drive, by connecting the flash drive to the computer and then selecting Save to USB flash drive option. There is also a way to store the key in your local hard drives. In that case you need to select Save to a file option. To print the key file select Print the recovery key option.
It is better not to save the key file in your local drives. If someone gets the file, then it can be misused. Among these four options Save to your Microsoft account and Save to USB flash drive is recommended.
4. I have connected a USB flash drive to my computer and selected Save to USB flash drive option. A small window appears, select Save.
5. You can see that a .TXT file has been created in the USB flash drive.
You can select different options together to back up the key file in more than one way. Press “Next” to continue.
6. Now, select how much of your drive to encrypt. Set the radio button according to your requirement. Press “Next” and then click “Start encrypting” button.
You will see the progress bar.
When it reaches 100% click “Close”. Restart your system. You will see the drive is protected by BitLocker.
Steps to unlock BitLocker enabled drive
To access BitLocker enabled encrypted drive, double-clicks on the drive and enter the password. If you have forgotten your password select More options.
After selecting “More options” select “Enter Recovery key”, then type 48-digit recovery key, this is in that .TXT file. You can also select “Load key from USB drive” option. It will automatically search for the .TXT file in connected USB flash drive and will unlock your drive if it finds the .TXT file with proper value within it.