If you are serious about protecting your data, you are already familiar with BitLocker. It is an encryption tool that comes with Windows PCs. However, in the previous versions of Windows, using BitLocker didn’t require you anything. But with Windows 11, things have changed, and now BitLocker requires TPM. But what if you don’t have TPM in your Windows? So the question is, how to Enable BitLocker without TPM on Windows?
Why Does BitLocker Require a TPM?
BitLocker requires a trusted platform module or TPM on your computer’s motherboard. This chip is essential for generating and storing the actual encryption keys. Also, it can automatically unlock your PC’s drive when it boots. So you can sign in just by typing your Windows login password.
Also, if someone tampers with the PC or removes the drive from the computer and attempts to decrypt it, it cannot be accessed without the key stored in the TPM. The Bitlocker-enabled drive won’t work if it’s moved to another PC’s motherboard.
You can buy and add a TPM to most of the motherboards. But if you are using a laptop or have a motherboard that lacks a TPM slot, you won’t be able to use BitLocker. But there is a trick, and about that, you can learn more below.
How To Enable Bitlocker Without TPM on Windows 11/10
You can use Group Policy to bypass TPM limitations on Windows. However, if your PC is joined to a business or school domain, you won’t be able to change the Group Policy setting unless you are a network administrator.
If you are doing it on your PC only, then you can follow the below steps:
- Go to Windows search and type gpedit.msc and launch Local Group Policy Editor.
- Next, go to this following path from the left pane: Computer Policy > Computer Configuration > Administrative Templates > Windows Components > BitLocker Drive Encryption > Operating System Drives.
- After that, double-click on the Require additional authentication at startup.
- Next, select Enabled from the top and ensure that Allow BitLocker without a compatible TPM (requires a password or a startup key on a USB flash drive) checkbox is enabled here.
- Finally, click on OK to save the changes, and you are good to go.
How to Set Up BitLocker on Windows?
Now that you have bypassed the TPM requirement, the next step is to set up BitLocker on Windows. For this, you can follow the below steps:
- Go to Windows search and type down BitLocker and launch it.
- Over here, look for the drive that you wish to encrypt and click on the Turn BitLocker option next to it.
- Next, it will scan and give you two options of how you want to unlock the drive. You can use a password or a smart card to unlock the drive.
- Then you will be asked to select a location to backup your recovery key. Just choose any displayed options, store the key somewhere safe, and click on Next.
- Next, choose how much of your drive you wish to encrypt. You can choose to encrypt the used disk space or encrypt the whole disk. So make a choice and click on Next.
- After that, you will be asked to choose an encryption mode. Choose the right option as per your needs and click on Next.
- Lastly, click on the Start Encryption button, and soon you will see a complete message. The time taken to complete the process will depend on the size of the storage device. You can also choose to encrypt the whole drive or only the content to save time.
One of the advantages of using a Microsoft account to save your TPM key is that even if you switch to another PC, it will be able to decrypt the drive, and you will be able to access the content inside it.
So that was all for how to enable BitLocker without TPM on Windows. Now go ahead and try the steps yourself and see how they work for you. Also, if you get stuck at anything, do feel free to comment below.
Can You Enable BitLocker Without TPM?
Yes, you can use BitLocker without a TPM. For this, you must reconfigure the default BitLocker settings using Local Group Policy Editor.
How Do I Enable BitLocker Manually?
You can enable BitLocker manually by going to Control Panel > System and Security > BitLocker Drive Encryption. After that, click on Turn On BitLocker, and it will scan your computer to verify all the needed system requirements.