Windows 7 is the next generation of operating system due from Microsoft and it is still set for a planned release for early 2010 which would be three years after the release of Windows Vista.
This article is a walkthrough of the steps for enabling BitLocker on your Windows 7 system.
[NOTES FROM THE FIELD] – Microsoft has now released their Release Candidate for Windows 7; I wrote a brief article Windows 7 Release Candidate (Build 7100) – Early Details on this already and at this time there is a tentative release date for Windows 7 this fall supposedly near the end of October time frame.
From a write up provided by Microsoft titled Windows 7 Pre-release (M3) Privacy Supplement (which was last updated in October of 2008) indicated that only certain versions of Windows 7 would natively include BitLocker; they were “Windows 7 Enterprise Edition and Windows 7 Ultimate Edition”
This may have changed since that release of information but I still do not know of any other versions other than Windows 7 Starter Edition, Windows 7 Home Basic, Windows 7 Home Premium, Windows 7 Professional, Windows 7 Enterprise and Windows 7 Ultimate.
[NOTES FROM THE FIELD] – I am speculating that since there is no Windows 7 Business Edition listed as we have with Vista that there will be no released in that category and that Windows 7 Professional may well be the replacement for that.
Having said that it would appear that only Windows 7 Enterprise Edition and Windows 7 Ultimate Edition would natively include BitLocker unless Microsoft makes any changes or releases any additional information on their proposed SKUs (stock keeping units).
There are system requirements in order to leverage BitLocker. The quick rundown on these requirements are:
I won’t go into too many of the additional details here in the overview as much of that would be a repeat of my A Security Comparison Overview of BitLocker and Encrypting File System (EFS) in Windows 7 PART 2 – BitLocker for Windows 7 article that is already posted online so rather than do that I will just go into the walkthrough from here.
To get started with BitLocker you would open up the Control Panel and choose the System and Security category and then choose the BitLocker Drive Encryption subcategory.
Once you do that you’ll see the “Help protect your files and folders by encrypting your drives” screen and we are going to choose “New Volume (E:)” to turn on BitLocker by selecting the “Turn On BitLocker” link option next to the volume description.
The next screen we’re presented is the “Choose how you want to unlock this drive” page and we will select the “Use a password to unlock this drive” checkbox and enter a password twice before hitting NEXT to continue.
The next property page we arrive at is the “How do you want to store your recovery key” page. There are three options to choose from but for the purposes of this walkthrough we are going to choose the “Save the recovery key to a USB flash drive” option and choose NEXT to continue.
[NOTES FROM THE FIELD] – If you chose the print option you’d see a file print out much like the image below.
Additionally, if you saved it to a file instead you’d see the output of the file.xps file as shown below.
After choosing the “Save the recovery key to a USB flash drive” option and then NEXT to continue we arrive at the “Encrypt the drive” property page where we have the summary of our actions shown and the option to cancel our efforts or to choose “Start Encrypting” to continue.
Once we choose “Start Encrypting” the property page closes and we see a smaller status / progress window of the ongoing actions and the final result when the drive is fully managed by BitLocker Drive Encryption.
What you’ll notice now from the “Help protect your files and folders by encrypting your drives” screen is that icon for “New Volume (E:)” has changed to show a set of keys that represents the drive locked and under the security of BitLocker Drive Encryption.
You’ll also notice a couple of administrative options (provided you are logged in as an Administrator and the options are not managed in some other way – e.g. Group Policy) next to your BitLocker controlled drive: “Turn Off BitLocker” and “Manage BitLocker.”
We’ll continue the walk through effort by selecting the “Manage BitLocker” option which brings up the “Selection options to manage” screen.
We’ll chose the “Change password to unlock the drive” option.
When we do this we are presented with the “Create a password to unlock this drive” page and we can enter in a new password of our choosing.
The image above shows the error that is thrown when the passwords between the two fields do not match. The one below shows the error thrown when you attempt to enter a password that does not meet the minimum length requirements.
Once you enter a password that does meet the minimum length requirements you’ll have finished with this step.
And that’s it – your drive is now protected via BitLocker Drive Encryption and locked with the password of your choice.
That’s a wrap for my Walkthrough for BitLocker on Windows 7 article – I hope you found it a good investment of your time.
In my next article Walkthrough for BitLocker To Go on Windows 7 I will be reviewing some of the high level information on the BitLocker To Go functionality which extends BitLocker data protection to USB storage devices allowing them to be secured and performing a walkthrough of those steps.
I am always looking forward to any feedback you have on this or any of the articles I have written so feel free to drop in some comments or contact me directly.
Additionally, I would welcome any suggestions topics of interest that you would like to see and based on demand and column space I’ll do what I can to deliver them to you.
Best of luck in your studies.