Strong BitLocker To Go Passwords

TL;DR

BitLocker To Go encrypts removable drives. A weak password makes it easy to crack, defeating the purpose of encryption. This guide shows you how to create strong passwords and protect your data.

Creating a Strong BitLocker To Go Password

1. Understand Password Strength: A strong password is long (12+ characters), random, and uses a mix of uppercase letters, lowercase letters, numbers, and symbols. Avoid personal information like birthdays or names.
2. Password Length Matters: The longer the password, the harder it is to crack. Aim for at least 16 characters.
3. Use a Password Manager: A password manager generates and stores strong passwords securely. Popular options include Bitwarden, LastPass, and 1Password. This avoids you having to remember complex passwords.
4. Avoid Common Words & Phrases: Hackers use dictionaries and common phrase lists to guess passwords.
5. Check Password Strength Online: Websites like SecurityScoreCard’s password strength checker can give you an idea of how secure your password is (but don’t enter sensitive information!).

Setting a Strong Password During BitLocker To Go Setup

1. Open File Explorer: Locate the removable drive you want to encrypt.
2. Right-Click and Select ‘Turn on BitLocker’: This starts the BitLocker setup wizard.
3. Choose Password Unlock Method: Ensure “Use a password to unlock the drive” is selected.
4. Create Your Strong Password: Enter your chosen strong password in both the ‘Password’ and ‘Confirm password’ fields. The wizard will usually give you feedback on password strength.
5. Save the Recovery Key: Crucially, save the recovery key! This is essential if you forget your password or lose access to the drive. You can save it to a Microsoft account, print it, or save it as a file (store this file securely!).
6. Start Encryption: Choose whether to encrypt the entire drive or just used space. Encrypting the entire drive is more secure but takes longer.

Changing Your BitLocker To Go Password

1. Open File Explorer: Locate the encrypted removable drive.
2. Right-Click and Select ‘Manage BitLocker’: This opens the BitLocker control panel.
3. Select ‘Change password…’: Enter your current password, then enter and confirm your new strong password.
4. Confirm Changes: Follow any on-screen prompts to complete the password change.

Protecting Your Recovery Key

1. Microsoft Account: Saving to a Microsoft account is convenient, but secure your Microsoft account with strong authentication (two-factor authentication).
2. Printed Copy: Store the printed recovery key in a safe and secure location – not with the drive itself!
3. File Save: If saving as a file, encrypt that file with another password or store it on a separate, securely backed up device.

   cipher /e /a AES /i "recovery_key.txt"

   (This example uses the command line to encrypt the recovery key file using AES encryption.)

Regular Password Updates

Consider changing your BitLocker To Go password periodically, especially if you suspect it may have been compromised. A good practice is every 6-12 months.