To enable BitLocker encryption on a USB flash drive, do the following:
1. Insert the USB flash drive, click Start, and then click Computer.
2. Right-click the USB flash drive, and then click Turn On BitLocker. BitLocker initializes the drive.
3. On the Choose How You Want To Unlock This Drive page, choose one or more for the following options, and then click Next:
- Use A Password To Unlock This Drive (recommended) Select this option if you want the user to be prompted for a password to unlock the drive. Passwords allow a drive to be unlocked in any location and to be shared with other people.
- Use My Smart Card To Unlock The Drive Select this option if you want the user to use a smart card and enter the smart card PIN to unlock the drive. Because this feature requires a smart card reader, it is normally used to unlock a drive in the workplace and not for drives that might be used outside the workplace.
4. On the How Do You Want To Store Your Recovery Key page, click Save The Recovery Key To A File.
5. In the Save BitLocker Recovery Key As dialog box, choose a save location, and then click Save.
6. You can now print the recovery key if you want to. When you have finished, click Next.
7. Choose how much of your drive to encrypt: “Encrypt used disk space only (faster and best for new PCs and drives)” or “Encrypt entire drive (slower but best for PCs and drives already in use)”. If you are using a new USB drive, please use: Encrypt used disk space only. If you USB drive has already data on it, please use “Encrypt entire drive”. Click “Next”.
8. Choose which encryption mode to use: “New encryption mode (best for fixed drives on this device)” or “Compatible mode (best for drives that can be moved from this device)”. Please use: Compatible mode (best for drives that can be moved from this device). Click “Next”.
9. On the page: “Are You Ready To Encrypt This Drive”, click “Start Encrypting”. Do not remove the USB flash drive until the encryption process is complete. How long the encryption process takes depends on the size of the drive and other factors.
This screen will come up when the USB flash drive is undergoing the encryption process:
10. When you open the USB drive on your own or another computer, a message box will popup and asks you enter a password. To remember the password, please click “More options”. Then select “Automatically Unlock this drive on this computer”.
BitLocker in Windows 10 version 1511 (November Update) now includes the 256-bit XTS-AES encryption mode that provides additional integrity support with the improved algorithm. However, it’s not available on older versions of Windows.
You’ll need to choose which method to use. So, if you only plan on using this drive on the PC you’re encrypting it on; you’ll probably want to use the new encryption mode.