1. AOMEI Partition Software >
  2. Disk Partition Tips >
  3. How to Fix BitLocker Is Off and Can’t Enable in Windows 11/10

How to Fix BitLocker Is Off and Can’t Enable in Windows 11/10

Discover why you're getting the "BitLocker could not be enabled" error. Follow our guide to restart encryption services, fix partition limits, or use AOMEI to encrypt your drive safely.

Lucas

By Lucas Updated on March 20, 2026

Share this: instagram reddit
Table of Contents

Data security is no longer optional. With strict corporate compliance standards and data protection laws globally, encrypting your local drives is a basic necessity. Microsoft’s built-in encryption tool, BitLocker, is the go-to solution to prevent unauthorized access to your sensitive files, preventing data theft even if your physical laptop is stolen.

However, many users hit a frustrating roadblock when deploying this security measure: they navigate to their control panel only to find that BitLocker is off can’t enable. Clicking the prompt results in a pop-up stating"BitLocker could not be enabled."

Bitlocker couldn't turn on

Why does this happen, and how can you force Windows to secure your drive? In this troubleshooting guide, we will break down the hardware and software prerequisites for encryption and provide five proven methods to fix your BitLocker activation error safely.

Understanding Why You Can't Turn On BitLocker

Before diving into the technical fixes, you must understand Microsoft's strict hardware requirements to encrypt hard drive Windows 10 and Windows 11 devices. If your system fails even one of these checks.

🌟BitLocker will refuse to initialize:
  • TPM Chip Requirement: By default, BitLocker requires a Trusted Platform Module (TPM) version 1.2 or 2.0 chip installed on the motherboard to store encryption keys safely.
  • Partition Size: The system partition (which contains the boot files) must be at least 350 MB in size, so you may need to resize partitions on your Windows.
  • Partition Flags: The target partition you are trying to encrypt cannot be marked as the "Active" boot partition.
  • Background Services: The core Windows service responsible for encryption must be running automatically.
  • Windows Edition: Natively, BitLocker is only available on Windows Pro, Enterprise, and Education editions (though we will share a workaround for Home users later).

How to fix BitLocker is off and can't be enabled

If you meet the OS requirements but still face issues, proceed through the following step-by-step fixes.

Method 1: Restart the BitLocker Drive Encryption Service

The most common reason users cannot turn on BitLocker Windows 11 or Windows 10 is that the underlying Windows service has crashed or was disabled during a system update. You need to ensure it is set to run automatically.

Step 1. Press the Windows Key + R simultaneously to open the Run dialogue box.

Step 2. Type services.msc and press Enter to open the Windows Services manager.

service

Step 3. Scroll down the alphabetical list until you locate the BitLocker Drive Encryption Service.

Step 4. Right-click the service and select Properties.

Step 5. In the middle of the window, locate the "Startup type" dropdown menu. Change it from "Manual" to Automatic.

Bitlokcer service

Step 6. Click Apply, then click Start to run the service immediately. Click OK and try enabling BitLocker again.

Method 2: Bypass TPM Hardware Requirements via Group Policy

If you are using an older PC or a custom-built workstation without a TPM chip, you will receive an error stating that a compatible TPM cannot be found. You can bypass BitLocker hardware requirements by tweaking the Local Group Policy Editor.

Step 1. Press Windows Key + R, type gpedit.msc, and press Enter.

gpedit

Step 2. In the left pane, navigate to Computer Configuration > Administrative Templates > Windows Components > BitLocker Drive Encryption > Operating System Drives.

Step 3. In the right pane, double-click on Require additional authentication at startup.

Step 4. In the new window, select Enabled at the top left.

Step 5. Under the "Options" section, check the box that says "Allow BitLocker without a compatible TPM (requires a password or a startup key on a USB flash drive)."

Allow bitlocker without a compatible TPM

Step 6. Click Apply and OK. Restart your computer and try encrypting your C: drive again.

Method 3: Mark the Target Partition as Inactive

BitLocker refuses to encrypt a partition if it is currently flagged as the "Active" boot partition. You can remove this flag using the built-in Diskpart command-line tool.

❗ Warning: Ensure you are selecting the correct data drive. Modifying incorrect partitions via Diskpart can cause boot failures.

Step 1. Press the Windows Key, type cmd, right-click Command Prompt, and select Run as administrator.

Step 2. Type diskpart and press Enter.

Step 3. Type list disk and press Enter to see all connected drives.

Step 4. Type select disk X (replace X with the disk number containing the drive you want to encrypt) and press Enter.

Step 5. Type list partition and press Enter.

Step 6. Type select partition Y (replace Y with the target partition number) and press Enter.

Step 7. Type inactive and press Enter. The command prompt will confirm the partition has been marked inactive. Close the window and launch BitLocker.

Inactivate partition

Method 4: Extend the System Partition Safely

If your system boot partition is smaller than the required 350 MB, BitLocker will instantly fail. You cannot natively expand a partition using Windows Disk Management if there is no contiguous unallocated space next to it.

To easily extend system partition for BitLocker, you should use AOMEI Partition Software. Its "Allocate Free Space" feature allows you to directly siphon unused gigabytes from a data drive (like D:) and inject them directly into your system drive in one click.

Free Download Windows 11/10/8.1/8/7
Secure Download

Step 1. Download, install, and launch AOMEI Partition Software.

Step 2. On the main interface, right-click a drive with plenty of free space (e.g., your D: drive) and select Allocate Free Space.

Allocate free space

Step 3. In the pop-up window, input the amount of space you wish to transfer (e.g., 1.00 GB) and select the destination drive (your system partition) from the drop-down list.

Step 4. Click OK.

Allocate space

Step 5. Click Apply in the top-left corner, and then click Proceed to execute the operation. Once your system partition exceeds 350 MB, BitLocker will function normally.

Apply

Method 5: Use AOMEI Partition Software’s Dedicated BitLocker Manager

If you are a Windows Home user, Microsoft restricts you from using BitLocker entirely. Alternatively, if your Windows Pro encryption tool is deeply corrupted and the above fixes fail, you need a robust alternative.

AOMEI Partition Software features an independent, highly secure BitLocker Manager tool. It allows you to enable, manage, backup keys, and encrypt drives flawlessly, completely bypassing standard Windows bugs.

Step 1. Open AOMEI Partition Software. Click on the Tools tab in the top menu and select BitLocker.

BitLocker tools

Step 2. The software will scan and display all connected operating system drives, fixed data drives, and removable USBs. Locate the drive you wish to secure and click Turn on BitLocker.

Turn on BitLocker

Step 3. Create a strong, memorable password to encrypt the drive, confirm the password, and click Next.

create password

Step 4. You will be prompted to back up your 48-digit encryption key. You can choose to Save to a file (recommended, save it to a separate USB drive) or Print the recovery key.

Sacve password

Step 5. Click Next to begin the encryption process. Do not turn off your PC or remove the drive while it is securing your sectors.

Step 6. Once complete, click Completed. Your drive is now locked.

Finished

Conclusion

Securing your corporate and personal data is essential. When you discover that BitLocker is off can't enable, it usually boils down to a crashed background service, a missing TPM chip, or restrictive partition layouts. By systematically restarting the BitLocker Drive Encryption Service, bypassing TPM requirements, or adjusting partition flags, you can force Windows to secure your files.

For users who want to bypass technical command lines—or for Windows Home users who are locked out of native encryption entirely—AOMEI Partition Software is the ultimate solution to manage disk partitions securely.

Beyond its powerful standalone BitLocker Manager, AOMEI Partition Software gives you complete control over your workstation. You can safely convert legacy MBR disks to modern GPT formats for Windows 11 readiness, seamlessly allocate free space between drives to fix storage errors, and securely wipe sensitive disks before recycling old PCs.

FAQ

Why is the BitLocker option completely missing from my Control Panel?

If the BitLocker icon is entirely missing, you are likely running Windows 10 Home or Windows 11 Home. Microsoft restricts native BitLocker to Pro, Enterprise, and Education editions. To encrypt your drives on a Home edition, you must use a specialized third-party encryption manager like AOMEI Partition Software.

Will turning on BitLocker delete my existing files?

No. BitLocker encrypts the data dynamically. Your operating system, personal files, photos, and applications remain exactly where they are, and no data is wiped during the encryption process. However, it is highly recommended to back up your 48-digit unlock key securely.

How do I unlock my drive if I forget my BitLocker password?

If you forget your password, the only way to access your drive is to use the 48-digit recovery key generated when you first enabled BitLocker. This key may be saved on a USB drive, printed on a physical piece of paper, or automatically synced to your Microsoft Account online.

Does BitLocker slow down my computer's performance?

Modern processors include hardware acceleration specifically designed for encryption (AES-NI). For the vast majority of users utilizing standard SSDs and modern CPUs, the performance impact of BitLocker is entirely unnoticeable during daily office work, web browsing, and media consumption.

Lucas
Lucas · Editor
I prefer peaceful and quiet life during vacation,but sometimes I watch football match if my favorite club performs brilliantly in that season. And I love reading, painting and calligraphy, thus I send my friends festival handwriting cards every year.
Related Articles
11 Ways to Reset Password in Windows 10/11 Computer

Forgot your password and cannot use your Windows 10 computer? Take it easy! In this tutorial, we’ll show you several ways to reset password Windows 10 to help you out. Besides, if you just want to change your password, the detailed steps are also provided.

How to Reset Windows 7 Password with a USB Flash Drive

If you forget the password, how to reset Windows 7 password with USB flash drive? In this step-by-step guide, we'll walk you through the process of resetting your Windows 7 password using a USB flash drive.

How to Wipe an SD Card Securely & Completely on Windows 11/10

In this post, you will know how to wipe an SD card on Windows 10 and 11. Use the best data eraser tool—AOMEI Partition Assistant—to completely wipe your SD card for free.

AOMEI Partition Software

Advanced and comprehensive partition manager, disk converter, and PC optimizer for Windows 11/10/8.1/8/7.

Free Download

Windows 11/10/8.1/8/7
Learn more