Tuesday, October 13, 2015

PowerShell and BitLocker : Create a Password Protected encrypted drive.


In the previous blog post , we discussed a little bit about BitLocker. And we  also see that how can user Get-BitLockerVolume to show us all the drives, including encrypted and non-encrypted one.

Today, we are going to see, how can we encrypt password protected drive using BitLocker Powershell module cmdlets.

When  I run the Get-BitLockerVolume cmdlet, it shows me the below output, you can see , that I have two drives are both are not encrypted.

I am interested in encrypting my Data Drive which is drive letter D:\.

Let's encrypt it.


To encrypt a drive, we use the Enable-BitLockerVolume cmdlet

Remember: We need to create a Secure String Password, if you want to open the BitLocker encrypted drive using Password.

$pass = ConvertTo-SecureString "Passw0rd" -AsPlainText -Force

In above command, we are creating a new secure string of text, Passw0rd, this will be out password to unlock the BitLocker encrypted drive.

Enable-BitLocker -MountPoint D:\ -EncryptionMethod Aes128 -Password $pass -PasswordProtector


In abov command, we are using Enable-BitLocker to encrypting our drive, in -MountPoint, we are providing the drive letter of the disk which we want to encrypt, in -EncryptionMethod we are providing, which type of encryption we are going to use, it can be either Aes128 or Aes256 , in -Password we have provided the variable $pass in which our secure string is strored, and then -PasswordProtector parameter.


Now it the enter, you can see that the BitLocker has started the encrypting the drive...



In the next blog post, we will see that how can we mount encrypted drives using PowerShell.

Take care till then.

Aman Dhally

With Regards.
Aman Dhally
If you like, you can follow me on Twitter and Facebook. You can also check my “You Tube channel for PowerShell video tutorials. You can download all of my scripts from “Microsoft TechNet Gallery”.

No comments:

Post a Comment