Manually encrypt a computer using BitLocker (recommended method via CMD)
- Open a command prompt as administrator (right click cmd.exe, Run as Administrator / Run as Service Desk).
- In the command prompt, type “manage-bde -on C:” (given that the C: drive is the Windows drive, which should be the case by default)
- Reboot the computer.
- Once the computer has rebooted, again open a command prompt as administrator.
- Type the command “manage-bde -protectors -add -rp C:”
This will add a numeric recovery password for easy drive recovery.
- This step is very important. If this step does not get executed, no recovery of data will be possible in case of issues!
Open the command prompt as administrator again, and type the command “manage-bde -protectors -get C: > C:\%computername%.txt”
This command will create a text file with the name of the computer in the root of the C drive. For example: C:\computername.txt.
The contents of the file looks something like this – but with different numbers, of course: