BitLocker is the most secure way to encrypt your files in Microsoft Operating system. You many know how to enable BitLocker on other drives, especially on the Remove able Drives. However if you are aware of your system from hackers, or you are aware of someone can break your password you can use BitLocker on the System Drive. But the big deal is How to Enable BitLocker on System Drive without TPM?
Well, there is a policy inside the Group Policy Editor which allows you to replace TPM without Password. When you enabled that in no time you will be able to encrypt your system drive.
How to check the TPM Availability on your System?
Before enabling TPM on your system, first you have to check the TPM availability on your system. To do that Press Windows + R button on the keyboard to open Run Dialog box, when it opens type their tpm.msc and press enter.
Step 1. Once the Trusted Platform Module Opens see if it has TPM or not .If it has the Trusted Platfrom module window will look like below screenshot, where you manage the TPM.
If your system didn’t had any TPM chip on the Mother board it will written Compatible TPM cannot be found.
How to Enable BitLocker on System Drive without TPM?
Step 1. Since the TPM is a chip in mother board, instead of that we need to use a Password at startup. To enable the Startup Authentication policy, Press Windows + R to open Run dialog box, then type their gpedit.msc to open Group Policy Editor.
Step 2. Now you need to expand the computer configuration, Administrative Templates, Windows Components, and BitLocker Drive Encryption and finally click on the Operating system Drives. Once you reach their open the policy which says Require additional Authentication at startup. For better understanding look at the screenshot.
Step 3. When you opened the Startup Authentication policy, select enabled, then click apply. Look at the screenshot which I have highlighted. If you have read it carefully then you know that it needs a USB Flash Drive where the recovery key is stored.
Step 4. Once the Policy is applied, it is time to enable the BitLocker on Drive C. To do that open run dialog box and type their control to open the Control Panel.
Step 5. Once the control panel opens, change the view by to large icons. After that you need to select BitLocker Drive Encryption.
Step 6. Once you opened the BitLocker Drive Encryption, Select turn on BitLocker.
Step 7. This step is about configuring the startup authentication, it asks you to select a option between Password or a USB Flash drive. I recommend you to use the Password, because it only requires USB once, but the other option requires USB Flash each time you reboot your system.
Step 8. Now you need to enter a password for startup authentication. When you are done with the Password click next.
Step 9. Now you need to save the recovery key, remember you can’t save it on your system. It has to be an external disk.
Step 10. Select encrypt used disk space only which a good choice for the fixed size. Once you did that click next.
Step 11. Now Bit locker needs to check the system, if you are ready for that click next.
Step 12. After that a notification will appear which says that the encryption will start after computer restarts. If you click triangle at the system tray you can a small notification is there. If you click on it a small window will appear which says the computer must be restarted. Select restart now.
Step 13. Once the computer restarts, you need to enter the Bitlocker authentication password. When you are done press enter on the keyboard.
Step 14. Now if you look at the drive C, it has a lock icon. if you want to manage it, right click on it and select manage BitLocker.
Step 15. If you want to turn off BitLocker, select turn off BitLocker, that’s all.
Related: (How To Put Password On Folder In Windows 10)