Published by


Brink's Avatar
Administrator

Posts: 25,183

Show Printable Version 


How to Lock BitLocker Encrypted Drive in Windows

information   Information
BitLocker Drive Encryption is a data protection feature that integrates with the operating system and addresses the threats of data theft or exposure from lost, stolen, or inappropriately decommissioned computers.

BitLocker can encrypt the drive Windows is installed on (the operating system drive) as well as fixed data drives (such as internal hard drives). You can also use BitLocker To Go to help protect all files stored on a removable data drive (such as an external hard drive or USB flash drive).

You can choose how you want to unlock an encrypted data drive: with a password or a smart card. For removable data drives encrypted with BitLocker To Go, you can set the drive to automatically unlock when you sign in to the PC. For fixed data drives, you can also set the drive to automatically unlock when you unlock the PC, if you prefer, as long as the operating system drive is BitLocker-protected.

To lock a fixed data drive encrypted by BitLocker, you could restart the computer unless you set the drive to automatically unlock when you sign in next.

To lock a removable data drive encrypted by BitLocker, you could disconnect the drive or restart the computer unless you set the drive to automatically unlock when you connect the drive or sign in next.

This tutorial will show you how to manually lock a fixed or removable drive encrypted by BitLocker in Windows 7, Windows 8, and Windows 10.

You must be signed in as an administrator to manually lock a drive.
Note   Note
For Windows 7, BitLocker Drive Encryption is only available in the Windows 7 Professional and Windows 7 Enterprise editions.

For Windows 8/8.1, BitLocker Drive Encryption is only available in the Windows 8 Pro and Windows 8 Enterprise editions.

For Windows 10, BitLocker Drive Encryption is only available in the Windows 10 Pro, Enterprise, and Education editions.

CONTENTS:
  • Option One: Lock a BitLocker Encrypted Drive in Command Prompt
  • Option Two: Lock a BitLocker Encrypted Drive in PowerShell


EXAMPLE: Locked BitLocker encrypted drive
Name:  Locked_BitLocker_drive.jpg
Views: 75
Size:  55.4 KB






Lock BitLocker Encrypted Drive in Windows OPTION ONE Lock BitLocker Encrypted Drive in Windows
Lock a BitLocker Encrypted Drive in Command Prompt

1. Open an elevated command prompt.

2. Type the command below into the elevated command prompt, and press Enter. (see screenshot below)

manage-bde -lock "<drive letter>:" -ForceDismount

Note   Note
Substitute <drive letter> in the command above with the actual drive letter (ex: "D") of the unlocked encrypted drive you want to lock.

For example: manage-bde -lock "D:" -ForceDismount
Tip   Tip
You can check the status of BitLocker for the drive at anytime.
Name:  Locked_BitLocker_drive_command.jpg
Views: 76
Size:  40.1 KB

3. You can now close the elevated command prompt if you like.






Lock BitLocker Encrypted Drive in Windows OPTION TWO Lock BitLocker Encrypted Drive in Windows
Lock a BitLocker Encrypted Drive in PowerShell

Note   Note
To see more Disable-BitLocker command usage options, see: Disable-BitLocker - Microsoft Docs

1. Open an elevated Powershell.

2. Type the command below into the elevated PowerShell, and press Enter. (see screenshot below)

Lock-BitLocker -MountPoint "<drive letter>:" -ForceDismount

Note   Note
Substitute <drive letter> in the command above with the actual drive letter (ex: "D") of the unlocked encrypted drive you want to lock.

For example: Lock-BitLocker -MountPoint "D:" -ForceDismount
Tip   Tip
You can check the status of BitLocker for the drive at anytime.
Name:  Locked_BitLocker_drive_PowerShell.jpg
Views: 74
Size:  40.9 KB

3. You can now close the elevated PowerShell if you like.


That's it,
Shawn