iSumsoft » Resources » Windows 10 » Enable BitLocker Encryption without a Compatible TPM

How to Enable BitLocker Encryption without a Compatible TPM

You'll disable to use BitLocker and will receive BitLocker TPM error as follows, if your PC without a Compatible Trusted Platform Module (TPM). Luckily, there’s a workaround to allow BitLoker to encrypt the operating system drive on this computer even if it doesn’t have a TPM.


Part 1: Allow BitLocker without a Compatible TPM in Local Group Policy Editor

Allowing BitLocker without a TPM will require to unlock the operating system drive at startup with either a password or startup key on a USB flash drive.

Step 1: Open Local Group Policy Editor.

Press the Windows logo + R keys to open the Run dialog, type gpedit.msc, and press Enter.


Step 2: In the left pane of Local Group Policy Editor, navigate to the Policy path below:

Local Computer Policy > Computer Configuration > Administrative Templates > Windows Components > BitLocker Drive Encryption > Operating System Drives

Step 3:On the right-side pane of Operating System Drives, double-click on Require additional authentication at startup to configure it.


Step 4: Then select Enabled radio button and make sure that the box Allow BitLocker without a compatible TPM box is checked. Then click OK.


Then it will allow you to turn BitLocker on.

Part 2: Turn on BitLocker to Encrypt Drive

Step 1: Go to the File Explorer, right-click the drive you want to encrypt for, and select Turn on BitLocker. Choose the way to unlock your BitLocker-protected operating system drive.


Tip: If you choose to insert a USB flash drive, it will save the startup key on the USB flash drive. This will be used to unlock the operating system drive after each reboot.


Step 2: If you select the option to enter a password, you will enter the password and confirm it.


Step 3: Select an option for storing the recovery key. and you can back up the recovery key to one of the locations you have stored.


Step 4: After you have saved the recovery key, click Next. And then choose how much of your drive to encrypt.


Step 5: Choose which encryption mode to use, and click on Next.


Step 6: Uncheck the Run BitLocker system check box, and click on Continue when ready to start encrypting.

uncheck-run-bitlocker-system-check box

Step 7: It will require to restart your PC. When it reboots, enter the encryption password created in step 2. If you are successful in getting into Windows, you're all set.


Tip: If you are setting up BitLocker on a new drive, you only need to encrypt the part of drive that is being used. When you add additional data, BitLocker will automatically encrypt that data.