What is BitLocker drive encryption? Do you need to clone BitLocker encrypted disk ? This post from MiniTool shows you how to clone a BitLocker encrypted disk to another disk smoothly, even to a smaller disk.

What Is BitLocker?

BitLocker is a full volume encryption feature included with Microsoft Windows versions starting with Windows Vista. It is designed to protect data by providing encryption for entire volumes.

What Does BitLocker Do?

The BitLocker encryption is applied to the volume that may span part of a hard disk drive, the whole drive, or more than one drive. It is usually used to protect computer hard drives, mobile hard drives, U disks, and other storage devices.

Dynamic disks aren't supported by BitLocker.

If the BitLocker drive encryption is not enabled, everyone can access data on the storage device, including the computer disks. For example, if your computer is lost, others can remove your computer's hard disk and connect it to other computers. In this way, they can access data on the computer's hard drives.

However, once a storage device is BitLocker encrypted, it requires the BitLocker key for data access. Even if other people connect the computer hard drive to other computers, they cannot access the data on the disk.

BitLocker Encryption Modes

In general, BitLocker has three encryption modes. These modes are related to how to unlock the encrypted drive.

  • Transparent operation mode: This mode uses the TPM chip to seal the BitLocker key. In this mode, TPM unblocks the drive automatically and users power up and log in to Windows as usual.
  • User authentication mode: In this mode, users use a password to unblock the drive. If you use this method to encrypt the C drive, you need to enter the BitLocker password every time you boot up Windows.
  • USB key mode: In this mode, users use a smart card or a USB device to seal the BitLocker key. However, BitLocker does not support smart cards for pre-boot authentication. To use this way to encrypt the C drive, you need to use the manage-bde tool to create a USB device that contains a startup key into the computer to be able to boot the protected OS.

BitLocker To Go: What Is It & How to Use It to Encrypt Your USB

BitLocker System Requirements

To use BitLocker, your computer should meet the following system requirements.

  • Windows Vista/7 Ultimate and Enterprise editions; Windows 8/8.1 Pro and Enterprise editions; Windows 10/11 Pro, Enterprise, and Education editions; or Windows Server 2008 and later.
  • At least two partitions on the disk (a system drive named EFI or System Reserved and a boot drive C:). In addition, the boot drive should be NTFS format. Two partitions are required because pre-startup authentication and system integrity verification must occur on a separate partition from the encrypted operating system drive.
  • A partition subject to encryption can't be marked as an active partition. This requirement applies to operating system drives, fixed data drives, and removable data drives.

Some people may have merged the system disk into the C drive. In this case, the C drive should be active and cannot be encrypted by BitLocker.