To enable Bitlocker, you must: PC must have a TPM chip. A Trusted Platform Module (TPM) is a specialized chip on a laptop or desktop computer that is designed to secure hardware with integrated cryptographic keys.
Bitlocker needs the TPM 2.0 chip to store the cryptographic keys. This is standard. However, it is possible to use bitlocker even if your computer does not have a TPM chip. Earlier versions such as TPM 1.2 also do not work.
If you try to enable Bitlocker that does not have a TPM 2.0 chip, you will see the following message:
This device cannot use a Trusted Platform Module. The administrator must set the Allow Bitlocker without compatible TPM hardware option for the Operating System Volumes policy Require additional authentication at startup.
The advantage of the TPM chip in combination with Bitlocker is that the key to decrypt Bitlocker is stored in the TPM chip. This means that if someone gets their hands on the hard drive and tries to decrypt the hard drive without the TPM chip, this is not possible. Using Bitlocker without a TPM chip makes it still difficult, but possible, to decrypt the hard drive.
Please note that Bitlocker only works on a Windows 11 or Windows 10 PC with a professional, enterprise or education license.
Enable Bitlocker in Windows 11 or 10 without TPM
Open the room group policy editor. Right-click on the Start button. In the menu click on Run. In the run window type: gpedit.msc
Open the following policy:
Computer Configuration > Administrative Templates > Windows Components > Bitlocker Drive Encryption > System Drives
Then double-click on the “Additional authentication requirements at startup” policy.
Enable the policy by selecting the “Enabled” option. In the options, enable the option “Allow Bitlocker without compatible TPM (requires a password or a boot key on a USB flash drive)”. Click on Apply and confirm with OK.
If you now Bitlocker is about to turn on. Then you will see that you can use Bitlocker without a TPM 2.0 chip.
I hope this helped you. Thank you for reading!
Also read: How do I encrypt data on an external hard drive or USB?