Windows BitLocker Drive Encryption is a new security feature that provides better data protection for your computer, by encrypting all data stored on the Windows operating system volume. (In this version of Windows, a volume consists of one or more partitions on one or more hard disks. BitLocker works with simple volumes, where one volume is one partition. A volume usually has a drive letter assigned, such as "C.")
A Trusted Platform Module (TPM) is a microchip that is built into a computer. It is used to store cryptographic information, such as encryption keys. Information stored on the TPM can be more secure from external software attacks and physical theft.
BitLocker uses the TPM to help protect the Windows operating system and user data and helps to ensure that a computer is not tampered with, even if it is left unattended, lost, or stolen.
BitLocker can also be used without a TPM. To use BitLocker on a computer without a TPM, you must change the default behavior of the BitLocker setup wizard by using Group Policy, or configure BitLocker by using a script. When BitLocker is used without a TPM, the required encryption keys are stored on a USB flash drive that must be presented to unlock the data stored on a volume
Windows can encrypt entire operating system drives and removable devices with its built-in BitLocker encryption. When TrueCrypt controversially closed up shop, they recommended their user’s transition away from TrueCrypt to BitLocker.
When you turn on BitLocker for the first time, make sure you create a recovery key.
Otherwise, you could permanently lose access to your files.
Here I am creating sample of bitlocker for lock drive
1. Open Computer from your Desktop
2. Write click in your drive. Now open a window and choose Turn on
BitLocker. You might be asked for an admin password or to confirm your choice.
3. The BitLocker Drive Encryption setup dialog box opens.
4. Once BitLocker to Go has started and the drive is initialized, you’ll be asked how you want to protect the drive. You’ll have the choice of using either a password or a smart card; for the vast majority of users, the password option will be the only way to go, since smart-card readers are rarely installed on consumer-class computers.
Tick the box labeled Use a password to unlock the drive, and then enter a password in the necessary fields. The password should be something you’ll remember, but use special characters, upper- and lowercase letters, numbers, and symbols to make it as strong as possible. When you've entered the password, click Next
5. After setting the password, you’ll be prompted to back up a recovery key. Should you forget your password (or lose your smart card), the recovery key can be used to access the protected drive. The recovery key can be saved to a Microsoft account, saved to a file, or printed out. Whatever option you choose, be sure to keep it safe because without it there’s no way to access the drive should you forget the password. Formatting the drive will be the only way you’ll be able to use it again—destroying the data stored on the drive in the process.
If you choose Save to file
then it will give you option to save recovery key on your system. Click Next
If you choose Save to file then it will give you option to save recovery key on your system. Click Next
Now your drive is lock
To unlock a removable data drive
Tap or click the Unlock drive message.
Enter your BitLocker password, and then tap or click Unlock. Or, insert your smart card, tap or click more options, tap or click Use smart card, enter your smart card PIN, and press Enter.