Device Encryption in Windows
Device Encryption is a Windows feature that enables BitLocker encryption automatically for the Operating System drive and fixed drives. It’s particularly beneficial for everyday users who want to ensure their personal information is safe without having to manage complex security settings.
When you first sign in or set up a device with a Microsoft account, or work or school account, Device Encryption is turned on and a recovery key is attached to that account. If you're using a local account, Device Encryption isn't turned on automatically.
Unlike BitLocker Drive Encryption, which is available on Windows Pro, Enterprise, or Education editions, Device Encryption is available on a wider range of devices, including those running Windows Home.
Enable Device Encryption
If your device didn't automatically enable Device Encryption, here are the steps to enable it:
-
Sign in to Windows with an administrator account
-
In the Settings app on your Windows device, select Privacy security > Device encryption or use the following shortcut:
Note: If Device encryption doesn't appear, it's either unavailable on your device, or you might be signed in with a standard user account.
-
Use the toggle button to turn Device Encryption On
Why isn't Device Encryption available?
Here are the steps to determine why Device Encryption might not be available:
-
From Start type System Information, right-click System Information in the list of results, then select Run as administrator
-
In the System Summary - Item's list, look for the value of Automatic Device Encryption Support or Device Encryption Support
-
The value provides the reasons why Device Encryption can't be enabled
-
If the value says Meets prerequisites, then Device Encryption is available on your device.