How to Enable BitLocker for Use with USB Drives

BitLocker is an inbuilt Windows encryption technology that protects your data from illegitimate access by encrypting the drives. It requires authentication before it is unlocked for regular use as well as unauthorized access by intruders. Generally, many users have not been able to turn on BitLocker for their USB and cannot see the USB in the BitLocker settings. It has been observed that the BitLocker option is not seen when you select the USB drive in the File Explorer.


ADVERTISEMENT

This issue is encountered when the USB drives file format is not compatible with the BitLocker application or the encryption service of Bitlocker is interrupted. Also, there are chances of wrong system Group Policy settings causing this error. In this article, you will find some fixes to overcome this issue of not being able to turn on BitLocker for USB.

We suggest you make a check of the following points before moving ahead with the fixes.

1. Take a backup of the important files and folders on the USB drive.

2. Make sure you are not using a Remote Desktop Connection to enable the BitLocker encryption on the USB.

3. If the USB drive does not have storage space available, it would raise this issue with BitLocker.

4. Update your Windows and drivers to the latest version.

 

Fix 1 – Turn On BitLocker Encryption Service

 

1. Just press Windows and R keys together to open Run.

2. Type services.msc to open Windows Services.

 

1 Run Services Optimized

 

3. Locate BitLocker Drive Encryption Service in the list.

4. Right-click on it and click on Start. In case it is running, then click on Restart.

 

Start Bitlocker Service Min

 

5. Once the service starts, go to your USB and check if you can use BitLocker to encrypt it.

 

 

 

Fix 2 – Remove the Conflicting Update

 

Users have noticed that after an update the BitLocker functionality does not work for USB Drives. To overcome the issue, the latest conflicting update can be uninstalled.

 

1. Press Windows + R to open the Run dialog.

2. Type ms-settings:windowsupdate to open the Windows Update Settings.

 


ADVERTISEMENT

Windowsupdate In Run

 

3. Click on View update history.

 

Windows Update View Update History Min

 

4. Now select Uninstall updates.

 

View Update History Uninstall Updates Min


ADVERTISEMENT


 

5. Select the conflicting update. Generally, the KB4579311 and KB2799926 updates are known to cause this error while using BitLocker.

6. Click on the Uninstall button.

 

Uninstall Conflicting Update Min

 

7. In the confirmation prompt, click on Yes to confirm the uninstallation of update. Wait for the process to complete.

 

Confirm Uninstall Update Min

 

7. Restart your PC. Now check whether BitLocker can be used with USB Drives.

 

Fix 3 – Make Changes to the Group Policy

 

1. Open Run (Windows + R). Type gpedit.msc to open Local Group Policy Editor.

 

Run Gpedit Min

 

2. Click on Computer Configuration on the left pane to expand it.

3. Within it select Administrative Templates and then click on Windows Components.

 

Group Policy Editor Windows Components Min

 

4. Under Windows Components, click on BitLocker Drive Encryption to expand it.

5. Select Removable Data Drives within it.

 

Group Policy Editor Bitlocker Removable Data Drives Min

 

6. Double-click on Control Use of BitLocker on Removable Drives on the right side.

 

Group Policy Editor Removable Data Drives Control Use Of Bitlocker Min

 

7. Select the Enabled option in the new window that appears.

 

Control Use Of Bitlocker Enabled Min

 

8. In the same window, go to the Options section below and check both the options Allow users to apply BitLocker protection on removable data drives and Allow users to suspend and decrypt BitLocker protection on removable data drives.

 

Control Use Of Bitlocker Options Check Both Min

 

9. Click on Apply and then on OK to save the changes.

10. Restart your PC. Now check whether the problem with USB and BitLocker is solved.

 

Fix 4 – Use Disk Partitioning Utility (Diskpart) to Make the USB Drive Inactive

 

1. Use Windows and R together to open the Run dialog.

2. Type diskmgmt.msc to launch Disk Management.

 

Run Diskmgmt Min

 

3. Here check if the USB device is marked Active. Write down the Disk ID if it is active (for example Disk 2).

 

Disk Management Usb Drive Details Min

 

4. Open Run dialog again. Type cmd and press Shift + Ctrl + Enter to open Command Prompt as administrator.

 

Run Cmd Min

 

5. Execute the following commands :

Diskpart

List disk

6. Execute the command using the Disk ID noted down in Step 3.

select Disk ID

List Partition

7. Type the select command below assuming the USB has only one partition.

Select Partition 1

INACTIVE

8. In case there is more than one partition for the USB, repeat step 7 above to set all USB partitions as Inactive.

9. Type exit to close Diskpart and then close Command Prompt.

 

Diskpart Command Execution Make Usb Inactive Min

 

10. Remove USB and restart your system.

11. Insert the USB again and check if the USB can be encrypted using BitLocker.

 

Fix 5 – Format the USB Drive and Convert it to GPT

 

Create a New Simple Volume on the USB Device

 

1. Open Disk Management using Steps 1 and 2 in Fix 4 above.

2. Select the USB drive.

3. Right-click on the partition and choose the option Delete Volume…

 

Select Usb Delete Volume Min

 

4. Confirm the partition deletion by clicking on Yes.

 

Deleting Volume Confirmation Min

 

5. Make sure all the USB partitions are deleted in case there is more than one.


ADVERTISEMENT

6. Now go to the unpartitioned space and right-click on it. Choose New Simple Volume…

 

Select Usb New Simple Volume Min

 

 

7. Go ahead with the process following the on-screen wizard instructions.

8. In the Format Partition window, select NTFS for File system and make sure to uncheck the option Perform a Quick format.

 

Format Partition Options Min

 

8. Once the format process completes, remove the USB from the system.

9. Reinsert the USB and check if the issue with BitLocker is resolved.

10. If the issue still exists, try shrinking the partition size using the option Shrink Volume… and check if it helps clear the issue.

 

Change the USB to GUID Partition Table (GPT) Disk

 

If formating the USB did not help to overcome the issue, then try to change the USB to a GPT Disk.

1. Perform Steps 1 – 5 above to open Disk Management and have the USB partitions deleted.

2. Open Run (Windows + R). Type cmd and press Shift + Ctrl +Enter to open Command Prompt with admin privileges.

3. Execute the following commands one after the other.

diskpart

list disk

select disk ID

convert gpt

4. Once the conversion completes, you will see a message Diskpart successfully converted the selected disk to GPT format.

 

Cmd Convert To Gpt Min

 

4. Detach the USB from the system. Restart your computer.

5. Now connect the USB again to check if the problem with Bitlocker being enabled for USB is fixed.

 

 

Thanks for reading.

You must now be able to turn on BitLocker encryption for USB drives without any issues. Comment and let us know the fix that helped you.

ADVERTISEMENT