With the release of the Windows 7 operating system, many users are faced with the fact that it appeared a bit obscure BitLocker service. What is BitLocker, many can only guess. Let’s try to clarify the situation with specific examples. Along the way, we will consider issues regarding how appropriate it is to use this component or completely disable it.
BitLocker: what is BitLocker, why is this service needed
If you understand, BitLocker is a universal and fully automated means of encrypting data stored on the hard drive. What is BitLocker on the hard drive? Yes, just a service that protects files and folders without user intervention by encrypting them and creating a special text key that provides access to documents.
When a user works in the system under his account, he may not even realize that the data is encrypted, because the information is displayed in a readable form, and access to files and folders is not blocked. In other words, such a means of protection is designed only for situations when an unauthorized access is made to a computer terminal , for example, when trying to intervene from the outside (Internet attack).
Password and cryptography issues
Nevertheless, if we talk about what BitLocker is Windows 7 or systems of a rank higher, it is worth noting the unpleasant fact that when users lose their login password, not only users cannot log into the system, but also perform some viewing steps documents previously available for copying, moving, etc.
But that is not all. If you look at the question of what BitLocker Windows 8 or 10 is, then there are no special differences, except that they have a more advanced cryptography technology. Here the problem is clearly different. The fact is that the service itself is capable of working in two modes, saving decryption keys either on the hard disk or on a removable USB-drive.
This begs the simplest conclusion: if there is a saved key on the hard drive, the user gets access to all the information stored on it without problems. But when the key is stored on a flash drive, the problem is much more serious. In principle, you can see an encrypted disk or partition, but you can’t read the information in any way.
In addition, if we talk about what BitLocker Windows 10 or systems of earlier versions are, one cannot but note the fact that the service integrates into any type of context menu caused by a right click, which is annoying for many users. But we will not get ahead of ourselves, but consider all the main aspects related to the operation of this component and the appropriateness of its use or deactivation.
Encryption methodology for disks and removable media
The strangest thing is that in different systems and their modifications, the BitLocker service can be by default in both active and passive mode. In the "seven" it is turned on by default, in the eighth and tenth versions, manual inclusion is sometimes required.
As for encryption, nothing particularly new has been invented. As a rule, the same public key AES technology is used, which is most often used in corporate networks. Therefore, if your computer terminal with the appropriate operating system on board is connected to the local network, you can be sure that the applied security and data protection policy implies activation of this service. Without administrator rights (even if you start changing the settings on behalf of the administrator), you cannot change anything.
Enable BitLocker if the service is deactivated
Before deciding on a BitLocker-related issue (how to disable a service, how to remove its commands from the context menu), let's look at enabling and configuring, especially since the deactivation steps will need to be performed in the reverse order.
Enabling encryption in the simplest way is done from the “Control Panel” by selecting the drive encryption partition. This method is applicable only if the key should not be saved to removable media.
In the event that the non-removable medium is blocked, you will have to find the answer to another question about the BitLocker service: how to disconnect this component on a USB flash drive? This is done quite simply.
Provided that the key is located on removable media, to decrypt disks and disk partitions, you first need to insert it into the appropriate port (connector), and then go to the security section of the “Control Panel”. After that, we find the BitLocker encryption item, and then look at the disks and media on which the protection is installed. At the very bottom, a hyperlink to disable encryption will be shown, which you need to click on. Under the condition of key recognition, the decryption process is activated. It remains only to wait until the end of its implementation.
Problems configuring encryptor components
As for the settings, there is no headache. Firstly, the system offers to reserve at least 1.5 GB for your needs. Secondly, you need to configure the permissions of the NTFS file system, reduce the size of the volume, etc. In order not to deal with such things, it is better to immediately disable this component, because most users simply do not need it. Even all those who have this service activated in the default settings also do not always know what to do with it, whether it is needed at all. But in vain. You can protect data on the local computer with it even if there is no anti-virus software.
BitLocker: how to disable. First stage
Again, we use the previously indicated item in the "Control Panel". Depending on the system modification, the names of the service shutdown fields may change. The selected drive may have a line to suspend protection or a direct indication of disabling BitLocker.
That’s not the point. Here it is worth paying attention to the fact that you will need to completely disable the BIOS update and boot files of the computer system. Otherwise, the decryption process can take a lot of time.
Context menu
This is only one side of the coin associated with the BitLocker service. What is BitLocker is probably already clear. But the flip side is also to isolate additional menus from the presence in them of links to this service.
To do this, look again at BitLocker. How to remove all service links from the context menu ? Elementary! In the "Explorer", when selecting the desired file or folder, we use the service section and editing the corresponding context menu, go to the settings, then use the command settings and organize them.
Next, we indicate the value of the “Control Panel”, find the corresponding elements of the panels and commands in the list, select the necessary command and simply delete it.
After that, in the registry editor we enter the HKCR branch, where we find the ROOTDirectoryShell section, expand it and delete the desired item by pressing the Del key or the delete command from the right-click menu. Actually, here is the last thing regarding the BitLocker component. How to disable it, it seems, is already clear. But do not flatter yourself. Anyway, this service will work in the background (just in case), whether you want it or not.
Instead of an afterword
It remains to add that this is far from all that can be said about the BitLocker encryption system component. What is BitLocker, figured out how to disable it and remove menu commands - too. The question is different: is it worth disabling BitLocker? Here you can give only one piece of advice: in a corporate LAN, you should not deactivate this component at all. But if it is a home computer terminal, why not?