iSumsoft » Resources » Windows 10 » Enable BitLocker Encryption without a Compatible TPM

How to Enable BitLocker Encryption without a Compatible TPM

You'll disable to use BitLocker and will receive BitLocker TPM error as follows, if your PC without a Compatible Trusted Platform Module (TPM). Luckily, there’s a workaround to allow BitLoker to encrypt the operating system drive on this computer even if it doesn’t have a TPM.


bitlocker-tpm-error

Part 1: Allow BitLocker without a Compatible TPM in Local Group Policy Editor

Allowing BitLocker without a TPM will require to unlock the operating system drive at startup with either a password or startup key on a USB flash drive.

Step 1: Open Local Group Policy Editor.

Press the Windows logo + R keys to open the Run dialog, type gpedit.msc, and press Enter.

open-group-policy-editor

Step 2: In the left pane of Local Group Policy Editor, navigate to the Policy path below:

Local Computer Policy > Computer Configuration > Administrative Templates > Windows Components > BitLocker Drive Encryption > Operating System Drives

Step 3:On the right-side pane of Operating System Drives, double-click on Require additional authentication at startup to configure it.

allow-bitlocker-without-tpm

Step 4: Then select Enabled radio button and make sure that the box Allow BitLocker without a compatible TPM box is checked. Then click OK.

allow-bitlocker-without-a-compatible-tpm

Then it will allow you to turn BitLocker on.

Part 2: Turn on BitLocker to Encrypt Drive

Step 1: Go to the File Explorer, right-click the drive you want to encrypt for, and select Turn on BitLocker. Choose the way to unlock your BitLocker-protected operating system drive.

choose-how-to-unlock-your-drive-at-startup

Tip: If you choose to insert a USB flash drive, it will save the startup key on the USB flash drive. This will be used to unlock the operating system drive after each reboot.

startup-key-bek

Step 2: If you select the option to enter a password, you will enter the password and confirm it.

enter-a-password

Step 3: Select an option for storing the recovery key. and you can back up the recovery key to one of the locations you have stored.

select-location-to-store-recovery-key

Step 4: After you have saved the recovery key, click Next. And then choose how much of your drive to encrypt.

choose-how-much-of-your-drive-to-encrypt

Step 5: Choose which encryption mode to use, and click on Next.

choose-which-encryption-mode-to-use

Step 6: Uncheck the Run BitLocker system check box, and click on Continue when ready to start encrypting.

uncheck-run-bitlocker-system-check box

Step 7: It will require to restart your PC. When it reboots, enter the encryption password created in step 2. If you are successful in getting into Windows, you're all set.

enter-bitlocker-password.

Tip: If you are setting up BitLocker on a new drive, you only need to encrypt the part of drive that is being used. When you add additional data, BitLocker will automatically encrypt that data.

start-encrypting