What is BitLocker automatic device encryption? This article will explain it with sharing how to enable, disable, and effectively manage this utility.
BitLocker Automatic Device Encryption (often called Device Encryption) is a simplified version of BitLocker Drive Encryption. It is a Windows feature that protects your data by automatically encrypting the operating system drive and fixed drives on supported devices. It usually turns on during the Out-of-Box Experience (OOBE) when setting up Windows, if you sign in with a Microsoft account or a work/school account. The recovery key is saved to your account, making it easy to recover your data if needed.
Device Encryption is available on more Windows editions, including Home, and works automatically with minimal setup, while Full BitLocker, found only in Pro, Enterprise, and Education editions, offers more control and advanced encryption options but requires manual configuration. In short, Device Encryption is a streamlined, automatic form of BitLocker designed for convenience and wider use.
If your computer meets the requirements like having a Trusted Platform Module (TPM) version 1.2 or 2.0, UEFI Secure Boot and Platform Secure Boot enabled, and Direct Memory Access (DMA) protection turned on, we’ll now show you how to use them. As mentioned above, Windows Home users can only use Device Encryption. Therefore, check your Windows version first so you can choose the right encryption method.
Step 1. To check your Windows version: Start > System > About.
Step 2. Open the About settings, then under Device specifications > System type, see if you're running a 32-bit or 64-bit version of Windows. Under Windows specifications, check which edition and version of Windows your device is running.
Step 3. Sign in to Windows with an administrator account (you may have to sign out and back in to switch accounts). For more info, see Create a local or administrator account in Windows.
Step 4. Select the Start button, then select Settings > Update & Security > Device encryption.
Step 5. To enable device encryption, select Turn on. To disable BitLocker automatic device encryption, open the same window and select Turn off.
If you want stronger protection for your data, BitLocker is the better choice because it offers more advanced features than Device Encryption. While Windows 10 and 11 Home do not include BitLocker, you can still encrypt your drives using third-party software. AOMEI Partition Assistant is a dependable option that lets you encrypt internal drives, disks, and external devices on Windows Home and even older versions like Windows 7. It also allows you to back up your recovery key to another drive or print it, ensuring you can access your data if the key is lost.
The Best Windows Disk Partition Manager and PC Optimizer
Now, let's see how to use this handy tool to easily employ BitLocker on Windows.
Step 1. Install and launch AOMEI Partition Assistant. Click the "Tools" main tab and select "BitLocker".
Or, right-click the partition you want to encrypt and click the "BitLocker"->"Turn on BitLocker" option in the Context Menu.
Step 2. All drives on the system will be displayed, including operating system drives, fixed data drives, and removable drives. Please find the partition you would like to encrypt BitLocker and click the "Turn on BitLocker" option. (Here, we take the drive D: as an example.)
Tip: Currently, it only supports encrypting NTFS partitions. Other partition file systems, for example, FAT or FAT32 cannot be encrypted.
Step 3. Please set and confirm a password to encrypt the drive and click "Next".
📌 Notes:
1. Encrypt used disk space only (faster and best for new PCs and Drives): If you are setting up BitLocker on a new PC or a new drive, you only need to encrypt the part of the drive that is currently being used. And, BitLocker will automatically encrypt the newly-added data.
2. Disk encryption compatible mode (suitable for removable data drives): Windows 10 (version 1511) introduces a new disk encryption mode (XTS-AES). This mode provides heavy integrity support but is not compatible with earlier versions of Windows.
If this is a removable drive to be used on an earlier version of Windows, you should select Compatible mode.
If this is a fixed drive, or if this drive will only be used on devices running at least Windows 10 (version 1511) or later, select the new encryption mode.
Step 4. Select a way to back up your recovery key. You can either select "Save to a file" or "Print the recovery key".
If you select "Save to a file", please choose a location on your PC to save the recovery key.
It will generate a TXT file with the name: Bitlocker Recovery Key + 45-bit Key. The recovery file will be saved in the TXT file. You can open the file to view the recovery key. Please keep the file. Then, please click the "Next" button to start the encryption process.
If you would like to encrypt your current system drive, you will be asked to restart your PC into Windows PE mode to execute the operation because it is the current system drive. The program will first create Windows PE and then boot the PC into Windows PE mode to encrypt the drive. After the encryption is finished, you can restart your PC.
Step 5. The encryption process might take time to encrypt the drive. Before the process is finished, please do not terminate the program, remove the drive, or turn off the power.
Once the encryption process is finished, please click "Completed". Finally, the drive is BitLocker encrypted.
In summary, BitLocker Automatic Device Encryption provides an easy and automatic way to protect your data on supported Windows devices, while full BitLocker offers advanced features for greater control and stronger security. Windows Home users who want BitLocker-level protection can use reliable third-party software like AOMEI Partition Assistant to encrypt internal drives, external drives, and removable devices. By following the steps to enable encryption and securely back up recovery keys, you can ensure your data remains safe and accessible. Using BitLocker or Device Encryption is an essential step to protect your privacy and keep your information secure on Windows 10 and 11.
The Best Windows Disk Partition Manager and PC Optimizer
