Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
Sign In Create an Account Premier Sign In Dell Financial Services Partner Program Sign In
Contact Us

Your Dell.com Carts

Some article numbers may have changed. If this isn't what you're looking for, try searching all articles. Search articles

How to Enable and Disable BitLocker with TPM in Windows

Summary: Windows BitLocker has become a solution for people using Windows to encrypt and secure your data. The following is how to enable and disable BitLocker using the standard methods. We do not discuss the utilization of a USB as a Trusted Platform Module (TPM) replacement and do not discuss Group Policy changes for advanced features. Domain level Group Policy changes and network-managed BitLocker setups are Best Effort and are out of the scope of support. Supported configurations are limited to single computers and locally managed BitLocker setups. ...

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Instructions

Table of Contents:

  1. Enabling the TPM
  2. Enabling BitLocker in the operating system
  3. Checking BitLocker status (Manage BitLocker Console)
  4. Checking BitLocker Status (Command Line)
  5. Suspending BitLocker
  6. Disabling BitLocker
  7. BitLocker Encryption Videos

Enabling and Disabling BitLocker in Windows 10 and Windows 11

Windows BitLocker has become a solution for securing your data. The following is how to enable and disable BitLocker using the standard methods.

This article does not discuss the utilization of a USB as a TPM replacement and does not discuss Group Policy changes for advanced features. Domain level Group Policy changes and network-managed BitLocker setups are Best Effort and are out of the scope of support. Supported configurations are limited to single computers and locally managed BitLocker setups.

Note: Products with Skylake chipsets need a specific setup in order for BitLocker to work correctly. If a Skylake computer is prompting for the recovery key even with the following settings, ENSURE that the BIOS is up to date.
  • All Operating Systems that are configured in Legacy Boot Mode must use TPM 1.2. It is recommended that the BIOS be updated to the latest revision.
  • All Operating Systems that are configured in UEFI Boot Mode can use either TPM 1.2, or TPM 2.0. It is recommended that the BIOS be updated to the latest revision.
  • Exceptions to this are the Latitude 5175 and Latitude 7275, both of which only have TPM 2.0 and cannot downgrade to 1.2.
Note: For full, up-to-date requirements, see Microsoft's BitLocker requirements This hyperlink is taking you to a website outside of Dell Technologies.

Enabling the TPM

Note: Ensure that the TPM is Activated or Enabled after switching it on, if the option is present. Switching the TPM on does not automatically enable it to communicate with the operating system. Enabling the TPM is necessary for the operating system to take ownership of the TPM chip to store encryption keys.
  1. Turn the computer on.
  2. As the computer performs POST, press the hotkey (usually F2, or Delete) to enter the BIOS.
  3. Once in the BIOS, locate the section that configures Security.
  4. In the Security section, locate the TPM option.
  5. Select the TPM 2.0 or 1.2 section on the left.

    Select the TPM 2.0 or 1.2

  6. Check the TPM box on the right to turn on the TPM.
  7. After switching the TPM on, select the option to Activate or Enable the TPM

    Select the option to Activate or Enable the TPM

  8. After the TPM has been activated and enabled, click Save changes and Exit the BIOS.

Back to Top

Enabling BitLocker in the operating system

Windows BitLocker How to Enable and Disable.

Watch this video to learn how to enable or disable BitLocker in Windows.

Duration: 01:39
When available, closed caption (subtitles) language settings can be chosen using the Settings or CC icon on this video player.

  1. Turn the computer on.
  2. Sign into the operating system as normal.
  3. Get to the BitLocker management section in one of the following ways:

    Windows 10 and Windows 11

    1. Start Menu path.
      1. Click the Windows Start Menu button.
      2. In the search box type: Manage BitLocker
      3. Press Enter or click the Manage BitLocker icon in the list.
    2. Control Panel path
      1. Click the Windows Start Menu button.
      2. Click the Control Panel.
      3. Click System and Security.
      4. Click any option under BitLocker Drive Encryption.
    3. Hard drive path
      1. Open Computer or My Computer
        • Alternatively, click the File Explorer icon and select your computer.
      2. Select the Encryption:\ (or Windows computer) drive.
      3. Right-click the drive that you selected.
      4. Click Turn on BitLocker.
        Note: This skips the initial BitLocker screen.
    4. App Screen path
      1. Click the Windows Start Menu button.
      2. Open the search box Manage BitLocker.
      3. Press Enter or click the Manage BitLocker icon in the list.
    5. Control Panel path
      1. Click the Windows Start Menu button.
      2. Open the search box, type Control Panel.
      3. Click System and Security or search BitLocker in the Control Panel window.
      4. Click any option under BitLocker Drive Encryption.
    6. Hard drive path
      1. Open Computer or My Computer
        • Alternatively, click the File Explorer icon and select your computer.
      2. Select the C:\ (or Windows computer) drive.
      3. Right-click the drive that you selected.
      4. Click Turn on BitLocker.
        Note: This skips the initial BitLocker screen.
    7. Start Menu path.
      1. Click the Windows Start Menu button.
      2. Windows 10: In the search box type: Manage BitLocker
        Windows 11: In the search box type: Device Encryption
      3. Press Enter or click the Manage BitLocker icon in the list.
    8. Control Panel path
      1. Right-Click on the Windows Start Menu button.
      2. Click the Control Panel.
      3. Click System and Security.
      4. Click any option under BitLocker Drive Encryption.
    9. Settings path
      1. Click the Windows Start Menu button.
      2. Click the Settings icon.
      3. In the search box type: Manage BitLocker
      4. Press Enter or click the Manage BitLocker icon in the list.
    10. Hard drive path
      1. Open Computer or My Computer
      2. Select the C:\ (or Windows computer) drive.
      3. Right-click the drive that you selected.
      4. Click Turn on BitLocker.
        Note: This skips the initial BitLocker screen.
  4. In the BitLocker Management screen, click Turn on BitLocker.

    Click Turn on BitLocker

BitLocker goes through a short initialization process.

Starting BitLocker

Choose one of three options for saving the recovery key.

Save the recovery key

Caution: This key must be saved in a safe location. If access to the drive is ever needed, this is the recovery key that is used to access the drive. If the key is lost, there is no option for recovering data from a locked drive, and the operating system must be reinstalled. This key is unique for each computer and only works on the computer that it was created for.

Save key in safe location

  1. After saving the password file, click Next.
  2. Select one of the volume encryption options.
    1. Encrypt the entire hard drive.
      • This encrypts all space on the hard drive regardless of whether it is used. This takes longer to process the encryption.
    2. Encrypt on used space.
      • This only encrypts space on the hard drive as it is filled with data and leave free space unencrypted. This is preferred for basic encryption as it is faster.
         

        Choose how much of your drive to encrypt

  3. After selecting encryption option, click Next.
  4. Choose the type of encryption to use if you get the encryption type selection.
     
    • New mode is the preferred method of encryption for new computers.
       

      Choose the type of encryption to use

  5. Click Next
  6. Check that the box labeled "Run BitLocker system check."

    Check Run Bitlocker system check

  7. Click Continue
  8. Restart the computer after verifying the settings to begin the encryption.
     
    Note: Encryption can take anywhere from 20 minutes to a couple hours depending on the amount of data that has been encrypted, the speed of the computer, and whether the computer being turned off or going to sleep interrupts the process. The BitLocker encryption does not start until the computer is restarted. If work must be completed, it is safe to complete work and save it before restarting.

    Restart computer to begin encryption

 

Back to Top

Checking BitLocker status (Manage BitLocker Console)

  1. Open the Manage BitLocker console with one of the methods previously described.
  2. View the status that is reported in the console.
     
    • If encrypting, the status shows that BitLocker is encrypting.
    • If encrypted, the status shows that BitLocker is on and show a lock icon.

      Checking Bitlocker status using BitLocker Console

 

Back to Top

Checking BitLocker Status (Command Line)

  1. Open a command prompt window.
  2. Click the Windows Start button, type cmd and press Enter.
  3. Press and hold the Windows button on the keyboard and R, type cmd and press Enter.
  4. Right-click Command Prompt and select "Run as Administrator."
  5. In the command prompt, type manage-bde -status and press Enter.
  6. View the status of BitLocker on the drives in the computer.

    Checking Bitlocker Status using Command Line

 

Back to Top

Suspending BitLocker

Note: Suspending BitLocker temporarily may be required for certain computer maintenance and updates. When updating the BIOS, ALWAYS suspend BitLocker prior to running the update. If BitLocker is active during the update, all stored keys on the TPM are LOST.
  1. Start the computer.
  2. Boot into the Windows operating system.
  3. Open the Manage BitLocker windows with one of the above methods.
  4. Click Suspend Protection for the wanted drive.

    Suspending Bitlocker

  5. Review the warning prompt and click Yes to suspend BitLocker.

    Review the warning and click Yes to suspend BitLocker

  6. Return to the Manage BitLocker window to Resume Protection.

    Click Resume protection to Resume Bitlocker protection

Back to Top

Disabling BitLocker

Note: Decryption can take anywhere from 20 minutes to a couple of hours. The time depends on the amount of data that has been encrypted, the speed of the computer, and whether the process is interrupted. Interruptions include the computer being turned off or going to sleep. Progress can be checked at any time using one of the previous methods for checking BitLocker status.
  1. Start the computer.
  2. Boot into the Windows operating system
  3. Open the Manage BitLocker windows with one of the above methods.
  4. Click Turn off BitLocker.

    Click turn off Bitlocker to disable BitLocker

  5. Confirm the decision to turn off BitLocker.

    Confirm the decision to turn off BitLocker

  6. Allow the computer to decrypt.

Back to Top

BitLocker Encryption Videos

Encrypt Your Drive With BitLocker.

Watch this video to learn how to encrypt your device with BitLocker.

Duration: 02:57
When available, closed caption (subtitles) language settings can be chosen using the Settings or CC icon on this video player.

Resolve BitLocker Recovery Key Prompts.

Watch this video to learn how to fix issues with BitLocker prompting for recovery key.

Duration: 01:07
When available, closed caption (subtitles) language settings can be chosen using the Settings or CC icon on this video player.

Back to Top

Additional Information

Windows

More information and support for your Windows operating systems can be found on our Windows Support webpage.

Out of Warranty supportOut of warranty? That is Not a problem. Browse to the Dell.com/support website and enter your Dell Service Tag and view our offers.

Note: Offers are only available for the US, Canada, UK, France, Germany, China, and Japan consumer and client computer customers. Server and Storage products are not applicable.

Affected Products

Alienware, Dell All-in-One, Dell Pro All-in-One, Dell Pro Max Micro, Dell Pro Max Slim, Dell Pro Max Tower, Dell Pro Micro, Dell Pro Slim, Dell Pro Tower, Dell Slim, Dell Tower, Inspiron, OptiPlex, Vostro, XPS, G Series, Projectors & Accessories , G Series, Alienware, Dell Plus, Dell Pro, Dell Pro Max, Dell Pro Plus, Dell Pro Premium, Inspiron, Latitude, Dell Pro Rugged, Vostro, XPS, Fixed Workstations, Mobile Workstations, Dell Pro Max Micro XE FCM2250 ...
Article Properties
Article Number: 000125409
Article Type: How To
Last Modified: 14 May 2025
Version:  24
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.