I was trying to enable Bitlocker on my C: drive, but unfortunately my PC does not have a physical TPM chip built-in. Turns out there is a way to enable Bitlocker Drive Encryption without the TPM chip with help of Group Policies.
Open Local Group Policies (gpedit.msc) > Administrative Templates > Windows Components > Bitlocker Drive Encryption > Operating System Drives > Require additional authentication at starutp
Enable this Policy and leave the default settings.
Now in Windows Explorer, Bitlocker can be turned on:
Because there is no TPM chip available, we either have the option to enter a password every time the OS boots or unlock the drive with a USB flash drive.
There are a few options for saving the recovery key. If you save it to your Microsoft Account, it can be accessed on this Microsoft site: https://account.microsoft.com/devices/recoverykey
Select the first option if you just re-installed Windows.
New should be better right?
Your PC will be restarted.
At boot, this is the prompt you’ll get:
Don’t forget to secure your Bitlocker Recovery Key just in case something breaks. You’ll need that long string.
Links:
https://support.microsoft.com/en-us/help/4530477/windows-10-finding-your-bitlocker-recovery-key
https://www.howtogeek.com/192894/how-to-set-up-bitlocker-encryption-on-windows/