iSumsoft » Resources » Windows 10 » Enable BitLocker Encryption without a Compatible TPM

How to Enable BitLocker Encryption without a Compatible TPM

You'll disable to use BitLocker and will receive BitLocker TPM error as follows if your PC without a Compatible Trusted Platform Module (TPM). Luckily, there’s a workaround to allow BitLocker to encrypt the operating system drive on this computer even if it doesn’t have a TPM.


bitlocker tpm error

Part 1: Allow BitLocker without a Compatible TPM in Local Group Policy Editor

Allowing BitLocker without a TPM will require to unlock the operating system drive at startup with either a password or startup key on a USB flash drive.

Step 1: Open Local Group Policy Editor.

Press the Windows logo + R keys to open the Run dialog, type gpedit.msc, and press Enter.

open group policy editor

Step 2: In the left pane of Local Group Policy Editor, navigate to the Policy path below:

Local Computer Policy > Computer Configuration > Administrative Templates > Windows Components > BitLocker Drive Encryption > Operating System Drives

Step 3: On the right-side pane of Operating System Drives, double-click on Require additional authentication at startup to configure it.

allow bitlocker without tpm

Step 4: Then select Enabled radio button and make sure that the box Allow BitLocker without a compatible TPM box is checked. Then click OK.

allow bitlocker without a compatible tpm

Then it will allow you to turn BitLocker on.

Part 2: Turn on BitLocker to Encrypt Drive

Step 1: Go to the File Explorer, right-click the drive you want to encrypt for, and select Turn on BitLocker. Choose the way to unlock your BitLocker-protected operating system drive.

choose how to unlock your drive at startup

Tips: If you choose to insert a USB flash drive, it will save the startup key on the USB flash drive. This will be used to unlock the operating system drive after each reboot.

startup key bek

Step 2: If you select the option to enter a password, you will enter the password and confirm it.

enter a password

Step 3: Select an option for storing the recovery key and you can back up the recovery key to one of the locations you have stored.

select location to store recovery key

Step 4: After you have saved the recovery key, click Next. And then choose how much of your drive to encrypt.

choose how much of your drive to encrypt

Step 5: Choose which encryption mode to use, and click on Next.

choose-which-encryption-mode-to-use

Step 6: Uncheck the Run BitLocker system check box, and click on Continue when ready to start encrypting.

uncheck run bitlocker system check box

Step 7: It will require to restart your PC. When it reboots, enter the encryption password created in Step 2. If you are successful in getting into Windows, you're all set.

enter bitlocker password.

Tips: If you are setting up BitLocker on a new drive, you only need to encrypt the part of the drive that is being used. When you add additional data, BitLocker will automatically encrypt that data.

start encrypting