Please enable javascript to view this page in its intended format.

Queen's University
 

Windows 7 BitLocker Encryption (Desktop and laptops)

 

Applies to Window 7 Enterprise and Windows 7 Ultimate

 

Note: Your system must meet the minimum system requirements.


 

  1. To turn on BitLocker,
    • Click Start, select Control Panel
    • From the View by: (top right) menu select Large Icons 
    W7BLEimg1.jpg
  2. Click on BitLocker Drive Encryption
      
    W7BLEimg2A.jpg
  3. BitLocker Drive Encryption will open
    • Click the Turn On BitLocker button
    • It will initialize and check for system requirements
    • It may want to reboot once or twice
    W7BLEimg2B.jpg
  4. If your computer has a TPM Module, skip to step 9. If your computer does not have a TPM Module, continue to step 5.
  5. Without a TPM Module, you will receive this message. Close this window and from the Run field, launch GPEdit.MSC (This will launch the Group Policy Editor).
     
    W7NoTPMError.jpg
  6. From the Run field, launch GPedit.msc (A utility to easily change Windows defaults to allow no TPM Module)

    W7GPedt.jpg
  7. Below Computer Configuration, select Administrative Templates, Windows components, BitLocker Drive Encryption, the click on Operating System Drives.  Now on the right side of the screen, double click Require additional authentication at startup.

    W7PlcySteps.jpg 
  8. Now, you are creating a simple policy, select Enable and select Allow BitLocker without a compatible TPM. Ignore the rest of this policy, click Apply and Ok. Close the Policy Editor.

    W7NoTPMPlcy.jpg
     
  9. Very Important:  BitLocker will prompt you to save the Security Recovery Key, this Key must be saved to a USB flash drive, a file, or it can be printed.  You will need the Recovery Key if your computer ever has a problem so keep it safe. 
    • Do not save the Recovery Key to your hard drive, save it somewhere else or print it.
    • Select where to save the recovery key
    • Click the Next button
    W7BLEimg3.jpg
  10. BitLocker now asks Are you ready to encrypt the drive? 
    • Check the box beside  Run BitLocker system check
    • Click the Continue button 
    W7BLEimg4.jpg
  11. A system Restart is now required,
    • Click the Restart now button and let the system reboot. 
    W7BLEimg5.jpg
  12. After Rebooting, the Full Hard Drive Encryption process has begun. 
    • It will take about an hour to complete this. 
    • You may use your computer while this is occurring but it will run slowly until completed.
    • If your computer goes to sleep, hibernates or is shutdown, the encryption process is stopped.  It will start up again once you power up your computer again.
  13. When BitLocker finishes encrypting the drive, it may not display any message but the hard drive light should stop flashing constantly.
  14. Congratulations!  You have encrypted your hard drive.  Remember to keep your Recovery key safe & secure. Not with your computer.


Video Tutorial


Microsoft has this very informative video tutorial on how to use BitLocker and what is required.

http://windows.microsoft.com/en-us/windows7/products/features/bitlocker

 

 


Kingston, Ontario, Canada K7L 3N6 613.533.2000