A utility in Windows, starting with Vista, that encrypts the entire contents of the storage drive (hard disk or SSD). If the computer's motherboard has a Trusted Platform Module (TPM) chip, the operation is entirely transparent to the user.
Non-TPM Operation
If the motherboard does not have a TPM chip, BitLocker can be used in two ways. In User Authentication Mode, a PIN or password must be entered when the computer is turned on. In USB Key Mode, either a USB drive or a smart card with a USB interface is inserted at startup (see
CCID).
BitLocker vs. Encrypting File System
Two encryption systems come with Windows. BitLocker encrypts the entire storage drive, whereas Encrypting File System (EFS) is used to encrypt specific files. See
EFS and
TPM.