Windows Security

Enable BitLocker on Windows 11

Encrypt the Windows system drive with BitLocker and store recovery keys somewhere you will not lose them.

12 min read Beginner Updated 9 Jun 2026
Windows library Start the guide

Step-by-step guide

Work through each section in order. Stop when your issue is resolved — you do not need every step for every situation.

Warning

Use an administrator account for these steps, and keep a recent backup before making repair or security changes.

What you will achieve

Encrypt the Windows system drive with BitLocker and store recovery keys somewhere you will not lose them.

1) Confirm edition and TPM

  1. Open Settings → System → About and verify Windows 11 Pro or supported device encryption on Home.
  2. Run Win + R, type tpm.msc, and confirm TPM is ready.

2) Turn on encryption

  1. Open Control Panel → System and Security → BitLocker Drive Encryption.
  2. Choose Turn on BitLocker for the OS drive.
  3. Save recovery key to Microsoft account and an offline copy.

3) Verify status

manage-bde -status C:

Related guides

bitlocker encryption windows 11

Related guides

Continue with these next if you are building a fuller setup or troubleshooting path.

Security
Back up BitLocker recovery keys
Never enable BitLocker without a recovery key backup plan — here is where to store it.
Read guide
Security
Secure your Microsoft account with two-factor authentication
Lock down the Microsoft account that backs Windows sign-in, Store, and OneDrive with proper MFA.
Read guide