- Joined
- Apr 29, 2023
- Messages
- 2
- Reaction score
- 0
Hi all,
I would like to enable BitLocker on three of my computers. Two of them have windows 10 professional and the other one has windows 11 professional (old Dell laptops with TPM 2.0).
Instead of using the GUI which disallows some settings, I was wondering if it is possible to use the command line (even PowerShell) to turn on BitLocker using the following parameters:
- The pc must be unlocked by a password on startup
- Must encrypt the entire hard drive (all partitions)
- Must also encrypt unused space
- Must allow to save the recovery key file to a specific path
- Must use AES 256-bit algorithm (default is XTS-AES 128-bit)
- If possible, I'd prefer not to change settings in the local group policy and\or modify the windows registry
What is the syntax for the BitLocker command with these parameters ?
Thank you
I would like to enable BitLocker on three of my computers. Two of them have windows 10 professional and the other one has windows 11 professional (old Dell laptops with TPM 2.0).
Instead of using the GUI which disallows some settings, I was wondering if it is possible to use the command line (even PowerShell) to turn on BitLocker using the following parameters:
- The pc must be unlocked by a password on startup
- Must encrypt the entire hard drive (all partitions)
- Must also encrypt unused space
- Must allow to save the recovery key file to a specific path
- Must use AES 256-bit algorithm (default is XTS-AES 128-bit)
- If possible, I'd prefer not to change settings in the local group policy and\or modify the windows registry
What is the syntax for the BitLocker command with these parameters ?
Thank you