Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

How Do I Turn Off BitLocker on a Drive?

(Particularly if it’s been turned on without your knowledge.)

Bitlocker is ON.
Bitlocker is ON.  (Screenshot:
BitLocker is a fine approach to encrypting hard drives, especially the system drive. It's easy to turn off BitLocker if you decide you no longer need it.
Question: OK, I encrypted my drive. Now I’ve decided I don’t need or want BitLocker. How do I turn off BitLocker?

I’m going to assume you’re talking about BitLocker’s full-drive encryption.

I also assume you understand that with Bitlocker turned off, anyone who steals your machine can access all the files on it, even without knowing your Windows log-in password.

Turning off BitLocker and decrypting your drive is a snap.

Become a Patron of Ask Leo! and go ad-free!


Decrypting Bitlocker

  • Sign in.
  • Right-click the drive in Windows File Explorer.
  • Click on Manage BitLocker.
  • Click on Turn off BitLocker.
  • Click on the Turn off BitLocker confirmation button.
  • Wait for the operation to complete.

Decrypting a BitLocker drive

Boot your machine and sign in to Windows. Yes, this step is required. If you cannot sign into Windows, you will not be able to decrypt the drive; that’s kinda the point of the security BitLocker provides.

Run Windows File Explorer and right-click on the drive you want to decrypt. In the resulting context menu, click on Manage BitLocker.

Manage Bitlocker item
Manage BitLocker. (Screenshot:

In the resulting dialog, click on Turn off BitLocker.

Turn Off BitLocker
Turning off BitLocker. (Screenshot:

Click on the Turn off BitLocker button in the subsequent confirmation message box.

Decrypting confirmation
Confirmation message to turn off BitLocker. (Screenshot:

The system goes to work decrypting your drive.

Decrypting in Progress

As the message said, decrypting can take a while. How long depends on the speed of your hard disk, the speed of your computer, and the amount of data you have stored on that drive.

After a while, the process completes.

You’re done! BitLocker has been turned off on that drive and the data decrypted.

If you can’t sign in

As I said, the point of Bitlocker is to prevent unauthorized access to your data, and “authorized” means you can sign in to your machine. If you can’t sign in, you can’t decrypt the data on the hard drive.

Unless maybe…

Check out Find Your Lost Bitlocker Recovery Key in Your Microsoft Account for a straw to grasp at.

Do this

  • Check to see if Bitlocker is enabled on your drive.
  • If it is and you want it off, follow the instructions above.
  • If it’s not and you want it on, click on “Turn BitLocker On” and follow the prompts.
  • If you use BitLocker, be certain to save the recovery key.
  • Regardless, back up your drive .
  • Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

Podcast audio


19 comments on “How Do I Turn Off BitLocker on a Drive?”

  1. I was thinking to buy a TPM before trying to encrypt with BitLocker, but why I do not sell it in Japan.
    Since it can not be helped, it was not but was about to create an account on

    I felt BitLocker did not have to do it at all.

  2. My main concern with BitLocker is that it would appear to me that Microsoft has a key to my machine stored under my Microsoft account which can be stolen by hackers or “shared” with others. I am not comfortable with anyone having any access to my machine. Am I wrong about this?

    • Stolen by hackers only if they hack into your account, at which point you’ll have much larger problems. In my opinion the safety of keeping it in your Microsoft account should you ever need it outweighs the risks that concern you.

  3. I just set up a new Dell Inspiron laptop for a long time client.

    It came with Windows 11 and BitLocker was already on.

    I only discovered that when I set up the older Windows 7 backup and created in IMAGE.
    I got a warning that the IMAGE would not be encrypted in spite of BitLocker being in use on the built-in SSD. That was my first clue that it was on.

    I have VERY mixed feelings about this because generally my experience with clients and encryption is that they will EVENTUALLY lose all access to the encrypted information.

    One client’s “solution” to this was to put the recovery key on a slip of paper and tape it to the laptop!

    That sort of defeated the whole purpose but, who was I to (try to) tell this (very aggressive) person that! They were not much into critical thinking. I could say more. I won’t!

  4. It appears that Microsoft is now making Bitlocker available on all Windows versions, including the Home versions of Windows 10 and 11. It used to be that to use Bitlocker one needed the Pro version of Windows or make changes in the registry of the Home version.
    Or am I misreading the article? all my computers have the Pro version of Windows installed and I’ve been using Bitlocker for years.

    • Interesting:

      Beginning in Windows 8.1, Windows automatically enables BitLocker Device Encryption on devices that support Modern Standby. With Windows 11 and Windows 10, Microsoft offers BitLocker Device Encryption support on a much broader range of devices, including those that are Modern Standby, and devices that run Windows 10 Home edition or Windows 11.

      What’s interesting to me is that this doesn’t match my experience — at least not with the available UI in Windows. I’ll double check.

      What’s more interesting is that this also outlines the conditions under which Bitlocker might be enabled automatically. Thanks for the link!

  5. I have a 500 gb SD card that I encrypted long ago. Bitlocker still accepts my password & unlocks, but when I attempt to turn it off on the drive I get an “Incorrect Function” message. Looks like I’ll have to copy it all to another drive, then format the SDCard. Sigh….

  6. When I built this desktop PC, I decided that it should have more storage that I expect to ever need. I have a 1TB Sony M.2 drive and a 2 TB SSHD drive installed. I dual-boot Windows 10 with Neon GNU/Linux so the 1 TB drive has two partitions, 1 for Windows and the other for GNU/Linux.

    The second drive also has two partitions, but both are currently for Windows. The first (labeled data) is used to store various image files for all the OS and utility installers (such as System Rescue, etc.) I usually use, installers for many of the Apps I use (Core-Temp, rufus, MD5 and SHA Checksum Utility, etc.), and many files I don’t want to store on OneDrive but that I still want to keep.

    The other partition (labeled MacriumBackup) is for my backups. I use Macrium Reflect to create a full system backup monthly, and an incremental backup daily. I keep two complete backup sets so I can go back up to two months to recover an older version of a file if need be. I also sync my C: drive to OneDrive so most of my files are stored there too. I can access them from my desktop or either of my two laptops and if I have to re-install Windows on any of my PCs, my files will be accessible afterwards.

    All my Windows partitions on my desktop and my newer laptop are encrypted with BitLocker. I have the recovery keys stored in my Microsoft account and I have hard copies stored in a safe in my office/computer-room.

    My logic works something like this. I use Windows 10. I use Windows 11. I use Microsoft’s BitLocker to encrypt my Windows partitions. I use Microsoft’s Windows Defender as my antimalware suite. I use Microsoft’s Authenticator for 2FA to enhance the security of my Internet accounts. If I trust Microsoft enough to use all of these (especially Windows), why would I not trust them enough to store my BitLocker recovery keys in my Microsoft account which resides on one of their servers?

    To understand how good Windows Defender really is, read this item:

    The odds are that my desktop PC will never get stolen, but if it is, the thief will not be able to rob me a second time by being able to access all my Internet accounts (especially my bank account) and other personal information.

    At some point (after I settle on a GNU/Linux distribution – I keep changing my mind about which of several distributions I like the best) I will also encrypt my Linux partitions too (for similar reasons).

    I know this post is not entirely on topic, but BitLocker is an important part of the larger discussion about computers and computer security. I’m sorry if I went to far off topic. I didn’t mean to,


  7. Its true, I have noticed BitLocker already turned on for boot partitions on many new PCs. I’m sure it could have slipped past me turned on for many others as well.

    The first thing I do is turn the dang thing off. BitLocker creates many complications. For example, you can’t resize the encrypted partitions (or move them). Most disk imaging software will not work on BL drives. If the PC fails and you need to migrate the data from the old drive (which very often is good), it is not possible. You can’t access the drive on another PC to fix problems, remove malware, or save data. I’m not sure you can clone those drives with some tools (I haven’t tried that).

    • “Most disk imaging software will not work on BL drives.” -> Macrium Reflect and EaseUS ToDo will both work. They back up the UNencrypted contents of a Bitlocker encrypted drive.

      ” If the PC fails and you need to migrate the data from the old drive (which very often is good), it is not possible.” -> Not quite true. If you have the Bitlocker recovery key you should be able to access the drive’s contents on another Windows PC.

      But yes, it’d definitely an added complication.

  8. Life has been easy with True Crypt and am now finally using Vera Crypt on my newer machines. I also refuse to create a Microsoft Account. Now I am concerned that Bit Locker will encrypt without my permission.


Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.