On most of the devices that are designed for Windows 10, device encryption is automatically enabled. Windows Setup automatically creates the necessary partitions and initializes encryption on the operating system drive with a clear key. To complete the encryption process, you must perform the following step.
Sign in using a Microsoft account that has administrator rights on the device. That action removes the clear key, uploads a recovery key to the user’s OneDrive account, and encrypts the data on the system drive. Note that this process happens automatically and works on any Windows 10 edition.
The most important hardware feature required to support BitLocker Device Encryption is a Trusted Platform Module chip, or TPM. The device also needs to support the Modern Standby feature. Virtually all devices that were originally manufactured for Windows 10 meet these requirements.
For the most part, BitLocker is a set-it-and-forget-it feature. After you enable encryption for a drive, it doesn’t require any maintenance. You can, however, use tools built into the operating system to perform a variety of management tasks.
The simplest tools are available in the Windows graphical interface, but only if you are running Windows 10 Pro or Enterprise. Open File Explorer, right-click any drive icon, and click Manage BitLocker. That takes you to a page where you can turn BitLocker on or off; if BitLocker is already enabled for the system drive, you can suspend encryption temporarily or back up your recovery key from here. You can also manage encryption on removable drives and on secondary internal drives. The length of time it takes BitLocker to fully encrypt your files depends on the size of your drive, or how much data you’re encrypting.
Why would you want to use BitLocker? Well, if you have a laptop and use it in locations such as in coffee shops, the risk of theft or even damage to your device could occur. Even if your laptop was stolen your drives will have been locked by BitLocker and will therefore be of no use to anyone else. However, if you have a desktop computer chances are you will not need BitLocker protection, unless you live in an area where burglars are active and could steel your Windows PC.