BitLocker was initially a data encryption protection method in Vista. The entire operating system partition and Data Partition can be encrypted. It can be used together with the hardware TPM (Trusting Platform Module, a majority of commercial Laptops and Desktops, and the server motherboard includes this component) security components. BitLocker encrypts Windows and the entire drive where your data stays to help secure all information including documents and passwords. When BitLocker is enabled, it automatically encrypts all files stored on the drive.
In Windows 7 (flagship edition), BitLocker features have been improved. BitLocker To Go is a new feature of Windows 7, it can encrypt mobile storage devices such as USB flash drives and mobile hard disks, and supports both FAT and NTFS formats. Windows 7 also provides a variety of group policy settings to improve the security of BitLocker. The following uses an instance to experience the BitLocker function.
1. encrypt the USB flash drive
A. the test USB flash drive here is Kingston DataTraveler 8 GB. First, right-click the USB flash drive on my computer and you will see the "Turn on BitLocker" option.
B. After clicking it, you need to set the USB flash drive unlock mode. One is through the "password" and the other is the "Smart Card" (another USB flash drive is needed as the storage medium ).
C. If you select the "password" unlock method, the system will ask if you need to back up the "Recovery Key". This is in case you forget the password or lose the Smart Card.
Just in case we save the Recovery Key to a file.
The size of the saved file is only 1 kb.
D. Click Start Encrypting to Start encryption.
The entire encryption process is slow. The specific time is not recorded. The 8 gb usb flash drive takes at least 20 minutes. If you encrypt the entire hard disk, it will be slower.
Finally completed!
E. after the encryption is complete, you can see that the USB flash drive icon has a silver lock icon in my computer, which indicates that the device is encrypted and unlocked, there is no difference between use and unencrypted USB flash drives.
F. re-insert the USB flash drive. If the USB flash drive icon is changed to a gold lock, the device is encrypted and has not been unlocked, and the size of the USB flash drive is invisible.
Double-click the USB flash drive and the system will ask for the unlock password. If you are using your computer at home, you can check "Automatically unlock on this computer from now on ".
After unlocking, you can continue to use it.
2. Use in XP
To insert an encrypted USB flash drive into the XP system, you also need to enter the unlock password.
Note: Unlike Windows 7, in XP, you can only "read" the USB flash drive and copy the files to be read to the local desktop, it cannot be opened directly from the USB flash drive.
In addition, if the Format operation is performed on the USB flash drive, the BitLocker function will automatically become invalid. That is to say, if the USB flash drive is lost, it can be used after formatting, but he still cannot see the file in it (the Format is dropped ...).
3. Hard disk encryption
Local hard disk encryption is basically the same as USB flash drive encryption. Note: BitLocker does not encrypt the M boot partition. If the partition is not started, Microsoft explains that BitLocker will automatically create the boot partition during the encryption process.
Choose "Control Panel"> "System and Security"> "BitLocker Drive Encryption" to view all local hard Drive devices. Click "Turn On BitLocker" after the corresponding hard Drive.
4. Group Policy Settings
In Windows 7, BitLocker provides a variety of group policies. You can set them as needed. Here we will not describe them one by one.
Run the gpedit. msc command to go to the Local Group Policy Editor and click the following path to find the corresponding BitLocker settings.
"Local Computer Policy"-> "Computer Configuration"-> "Administrative Templates"-> "Windows Components"-> "BitLocker Drive Encryption"
I believe BitLocker can be used to provide good protection for the data in the local hard disk and mobile storage devices.