HSC Students - Turn on BitLocker Encryption - Windows 10 Professional and 10 Education

Important Notes regarding BitLocker

  • Store your personal BitLocker key in a secure location and always accessible location (not your OUHSC account). When turning on BitLocker you will be presented with a BitLocker key. OU IT is not able to access your personal BitLocker key. 
  • Back up your personal data to an alternate location.
  • Your device will need to be re-imaged if you forget your personal BitLocker key. OU IT is not responsible for lost data as a result of re-imaging or forgetting the BitLocker key.

Before you can turn on BitLocker encryption for Windows, you will need to verify a few things.

  • Your computer must have at least the following hardware specifications:
    • Processor: Intel i5 or better
    • Memory: 8GB RAM or better
    • Storage: 256GB Hard Drive (Solid State)
    • Screen size: 13" or higher
    • Connectivity: WiFi and Bluetooth
    • Expansion: USB 3 or higher
  • You have backed up your data to an external device.
  • Your computer is running Windows 10 Education, Windows 10 Pro, Windows 11 Education or Windows 11 Pro.
  • If your computer is running one of the supported Windows systems, proceed below:

 

 

Update Your Computer

  1. Click the Windows start button and then click “Settings” (gear icon).
    Windows 10 Start menu with Settings highlighted

  2. Click “System” (upper left corner).
    Windows Settings page with System highlighted

  3. Scroll down on the left side; click “About.” scroll down on the right to “Windows specifications” and verify you’re on Windows 10 Education, Windows 10 Professional, Windows 11 Education or Windows 11 Professional.
    Windows About screen with About and Version highlighted

  4. Click “Settings” in the upper left corner.
    Windows About screen with Settings highlighted

  5. For Windows 10, click “Updates & Security”. For Windows 11, click Windows Update.
    Windows Settings page with Updates and Security highlighted

  6. Click “Advanced options”.
    Windows Update screen with Advanced Options highlighted

  7. Under “Update options,” turn ON updates for other Microsoft products. Under “Update notifications,” turn ON notifications for restarts (in some versions of Windows 10, notifications and options have merged to “Update Options”).
    Advanced Options with Give me Updated for other Microsoft products and Notifications highlighted

  8. Click “Settings” in the upper left corner.
    Windows Advanced Options screen with Settings highlighted
     

  9. You should be on the “Windows Update” window. Click “Check for updates”.
    Windows Updated with Check for Updates button highlighted

  10. Updates will install and Windows will probably need to restart.
    Windows Update with list of install status for needed updates

  11. Once Windows restarts, sign back in.

  12. Click the Windows start button; click “Settings” (gear icon).
    Windows 10 Start menu with Settings highlighted

  13. For Windows 10, click “Updates & Security”. For Windows 11, click Windows Update.
    Windows Settings page with Updates and Security highlighted

  14. Click “Check for updates”.
    Windows Updated with Check for Updates button highlighted

  15. Repeat the above update steps until the message states, “You’re up to date”.

  16. Close “Settings.”

  17. Click the Windows Start button; type bitlocker and then press the Enter key.
    Windows Search with Bitlocker search results

  18. In the Bitlocker Drive Encryption window, click “Turn on Bitlocker.”
    Bitlocker Drive Encryption window with Turn on BitLocker highlighted

  19. As Bitlocker prepares to encrypt your hard drive, you will be asked how you want to back up the recovery key. Your recovery key is very very very important. It is a 48-digit key that helps you unlock your device if you ever get locked out with a blue Bitlocker screen. Please slow down on this step and make sure you save a copy of your 48-digit Bitlocker Recovery Key before continuing. Store your personal BitLocker key in a secure location and always accessible location (NOT your OUHSC account). When turning on BitLocker you will be presented with a BitLocker key. OU IT is not able to access your personal BitLocker key. Your device will need to be factory reset if you forget your personal BitLocker key. OU IT is not responsible for lost data as a result of factory resets or forgetting the BitLocker key.

    Here is what you will see after you do Step 18 above:

  20. Pick one (1) of these options to save/store your Bitlocker Recovery Key: a) In your personal Microsoft account, b) on a printout, or c) on a USB flash drive.

  21. After the recovery key has been saved, you’ll be back at the previous window, click “Next.”
    How do you want to back up your recovery key screen with Next highlighted

  22. When asked to choose how much of your drive to encrypt, select “Encrypt used disk space only” and click “Next.”
    Choose how much to encrypt screen with Encrypt use disk space only selected

  23. When asked to choose an encryption mode, select “New encryption mode” and click “Next.”
    Choose which encryption mode screen with New encryption mode selected

  24. When asked if you’re ready to encrypt your drive, select “Run Bitlocker system check” and click “Continue.”
    Are you ready screen with Run Bitlocker system check selected and Continue highlighted

  25. When the check has finished, and Windows is ready to encrypt the hard drive, you’ll see a notification in the lower right corner stating you’ll need to restart the computer (If the message goes away, click on the up arrow, click on the little lock with a caution sign to see the message). Click on the message.
    Windows alert message for Encryption will begin after computer start

  26. Click “Restart now.”
    The Computer must be restarted warning prompt

  27. Once Windows restarts, sign back in.

  28. Click on the up arrow on the lower right side of the system tray and click the little lock.
    Windows System Tray with BitLocker icon

  29. You’ll see a progress bar of how much the drive has been encrypted.
    Encrypting progress bar example

  30. You’ll see a message stating that your computer’s hard drive has been encrypted. Click “Close.”
    BitLocker Drive Encryption computer message

 

Next Steps - Install and Configure Sassafras

With BitLocker now configured and active, you will need to set up and register your computer with the Sassafras encryption monitoring client.

 

100% helpful - 1 review
Print Article