How Do I Turn Off BitLocker? What Happens If I Do?

Turning off BitLocker in both Home and Pro editions of Windows

BitLocker encrypted your drive, intentionally or otherwise, but now you want it gone. Turning it off is simple, whether you run Windows Home or Pro. I'll walk you through both, explain exactly what protection you're giving up, and why saving that recovery key matters.
Applies to Windows: 11, 10
Ann over-the-shoulder view of a Corgi in a home office sits in front of a Windows PC with an extra large screen displaying the BitLocker configuration screen.
Corgi adjusting my BitLocker settings, the rascal! (Image: Gemini)
Question: I don’t need or want BitLocker, yet it’s been turned on. How do I turn off BitLocker?

I’m going to assume you’re talking about BitLocker’s full disk encryption. And, yes, that can now include both Windows Home and Pro editions, just in different places and with different names.

I also assume you understand that with BitLocker turned off, anyone who steals your machine can access all the files on it, even without knowing your Windows login password.

Turning off BitLocker and decrypting your drive is a snap.

TL;DR:

Turning Off Bitlocker

BitLocker encrypts your whole drive so a thief can’t read your files. Don’t want it? Turn it off. On Windows Pro, use Manage BitLocker in File Explorer. On Windows 11 Home, use Device encryption in Settings.

Windows Pro editions

This applies to both Windows 10 and Windows 11.

Boot your machine and sign in to Windows. Yes, this step is required. If you cannot sign into Windows, you will not be able to decrypt the drive; that’s kinda the point of the security BitLocker provides.

Run Windows File Explorer and right-click on the drive you want to decrypt. If BitLocker is enabled on the drive, its icon will include a padlock, and the context menu will include a Manage BitLocker item. If these are not present, your drive is not BitLocker encrypted, and you’re done.

Right click menu showing the Manage BitLocker option
Manage BitLocker. (Screenshot: askleo.com)

Click on Manage BitLocker.

In the resulting dialog, click on Turn off BitLocker.

Turn off BitLocker option.
Turn off BitLocker option. (Screenshot: askleo.com)

You’ll be shown a confirmation dialog with a Turn off BitLocker button. Click on that.

The system goes to work decrypting your drive. Decrypting can take a while. How long depends on the speed of your hard disk, the speed of your computer, and the amount of data you have stored on that drive.

When the process completes, you’re done! BitLocker has been turned off on that drive, and the data decrypted.

Ask Leo! is Ad-Free!
Help keep it going by becoming a Patron.

Windows Home editions

This applies only to Windows 11 Home edition.

Boot your machine and sign in to Windows. Once again, this step is required.

In the Settings app, search for “encryption” and click on Device encryption settings when it appears.

Device Encryption setting in Windows 11 Home.
Device encryption setting in Windows 11 Home. Click for larger image. (Screenshot: askleo.com)

If Device encryption is turned off, you’re done. BitLocker is not enabled on your device.

If it is turned on, turn it off. You’ll be presented with a confirmation dialog.

Turn off device encryption confirmation.
Turn off device encryption confirmation. Click for larger image. (Screenshot: askleo.com)

Click on Turn off. Decrypting will take a while, depending on the speed of your hard disk, the speed of your computer, and the amount of data on the drive.

When the process completes, you’re done! BitLocker, in the guise of “device encryption”, has been turned off, and the data decrypted.

What just happened?

With BitLocker turned on, all data on your hard disk is encrypted. What this means is that while you can continue to use the disk normally without concern for the encrypted state. If your machine is stolen, or its disk is removed, the data on that disk remains safely inaccessible1 to the thief as long as they can’t sign in.

By turning BitLocker off, you remove that protection. Anyone who gains physical access to your machine can access the data on it — most commonly by removing the drive and connecting it to a different computer, bypassing even the need to sign in.

As some have somewhat sarcastically remarked, BitLocker has probably prevented more legitimate access than it’s prevented malicious access. Typically, this is because folks haven’t backed up the recovery key associated with the drive. At some point, something happens2, and they need the recovery key they don’t have. The result is that they’re locked out of their own drive. If data on that drive is not backed up, then the data is lost as well.

Naturally, if you’re using BitLocker, back up the recovery key.

But not all scenarios need full disk encryption. For example, if your machine is secure at home, and you don’t travel with it, BitLocker simply may not be needed, and can be turned off.

If you can’t sign in

As I said, the point of BitLocker is to prevent unauthorized access to your data. Signing in to your machine is what gives you authorization.

If you can’t sign in, you can’t decrypt the data on the hard drive.

There is, in these circumstances, one straw to grasp at. Check out Find Your Lost BitLocker Recovery Key in Your Microsoft Account.

Do this

  • Check to see if BitLocker is enabled on your drive.
  • If it is, and you want it off, follow the instructions above.
  • If it’s not and you want it on, click “Turn BitLocker On” or turn on “Device encryption” and follow the prompts.
  • If you use BitLocker, be certain to save the recovery key.
  • Regardless, back up the contents of your drive.

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

Footnotes & References

1: I’m quite aware of the Yellow Key bypass, and I expect it to be resolved by Microsoft, if it hasn’t been already.

2: “Something” is intentionally vague. I keep hearing about this scenario in a wide variety of situations.

20 comments on “How Do I Turn Off BitLocker? What Happens If I Do?”

  1. I was thinking to buy a TPM before trying to encrypt with BitLocker, but why I do not sell it in Japan.
    Since it can not be helped, it was not amazon.co.jp but was about to create an account on amazon.com.

    I felt BitLocker did not have to do it at all.

    Reply
  2. My main concern with BitLocker is that it would appear to me that Microsoft has a key to my machine stored under my Microsoft account which can be stolen by hackers or “shared” with others. I am not comfortable with anyone having any access to my machine. Am I wrong about this?

    Reply
    • Stolen by hackers only if they hack into your account, at which point you’ll have much larger problems. In my opinion the safety of keeping it in your Microsoft account should you ever need it outweighs the risks that concern you.

      Reply
  3. I just set up a new Dell Inspiron laptop for a long time client.

    It came with Windows 11 and BitLocker was already on.

    I only discovered that when I set up the older Windows 7 backup and created in IMAGE.
    I got a warning that the IMAGE would not be encrypted in spite of BitLocker being in use on the built-in SSD. That was my first clue that it was on.

    I have VERY mixed feelings about this because generally my experience with clients and encryption is that they will EVENTUALLY lose all access to the encrypted information.

    One client’s “solution” to this was to put the recovery key on a slip of paper and tape it to the laptop!

    That sort of defeated the whole purpose but, who was I to (try to) tell this (very aggressive) person that! They were not much into critical thinking. I could say more. I won’t!

    Reply
  4. It appears that Microsoft is now making Bitlocker available on all Windows versions, including the Home versions of Windows 10 and 11. It used to be that to use Bitlocker one needed the Pro version of Windows or make changes in the registry of the Home version.
    https://docs.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10
    Or am I misreading the article? all my computers have the Pro version of Windows installed and I’ve been using Bitlocker for years.

    Reply
    • Interesting:

      Beginning in Windows 8.1, Windows automatically enables BitLocker Device Encryption on devices that support Modern Standby. With Windows 11 and Windows 10, Microsoft offers BitLocker Device Encryption support on a much broader range of devices, including those that are Modern Standby, and devices that run Windows 10 Home edition or Windows 11.

      What’s interesting to me is that this doesn’t match my experience — at least not with the available UI in Windows. I’ll double check.

      What’s more interesting is that this also outlines the conditions under which Bitlocker might be enabled automatically. Thanks for the link!

      Reply
  5. I have a 500 gb SD card that I encrypted long ago. Bitlocker still accepts my password & unlocks, but when I attempt to turn it off on the drive I get an “Incorrect Function” message. Looks like I’ll have to copy it all to another drive, then format the SDCard. Sigh….

    Reply
  6. When I built this desktop PC, I decided that it should have more storage that I expect to ever need. I have a 1TB Sony M.2 drive and a 2 TB SSHD drive installed. I dual-boot Windows 10 with Neon GNU/Linux so the 1 TB drive has two partitions, 1 for Windows and the other for GNU/Linux.

    The second drive also has two partitions, but both are currently for Windows. The first (labeled data) is used to store various image files for all the OS and utility installers (such as System Rescue, etc.) I usually use, installers for many of the Apps I use (Core-Temp, rufus, MD5 and SHA Checksum Utility, etc.), and many files I don’t want to store on OneDrive but that I still want to keep.

    The other partition (labeled MacriumBackup) is for my backups. I use Macrium Reflect to create a full system backup monthly, and an incremental backup daily. I keep two complete backup sets so I can go back up to two months to recover an older version of a file if need be. I also sync my C: drive to OneDrive so most of my files are stored there too. I can access them from my desktop or either of my two laptops and if I have to re-install Windows on any of my PCs, my files will be accessible afterwards.

    All my Windows partitions on my desktop and my newer laptop are encrypted with BitLocker. I have the recovery keys stored in my Microsoft account and I have hard copies stored in a safe in my office/computer-room.

    My logic works something like this. I use Windows 10. I use Windows 11. I use Microsoft’s BitLocker to encrypt my Windows partitions. I use Microsoft’s Windows Defender as my antimalware suite. I use Microsoft’s Authenticator for 2FA to enhance the security of my Internet accounts. If I trust Microsoft enough to use all of these (especially Windows), why would I not trust them enough to store my BitLocker recovery keys in my Microsoft account which resides on one of their servers?

    To understand how good Windows Defender really is, read this item:

    https://www.neowin.net/news/microsoft-defender-beats-out-several-heavyweight-rivals-in-the-latest-av-test-ranking/

    The odds are that my desktop PC will never get stolen, but if it is, the thief will not be able to rob me a second time by being able to access all my Internet accounts (especially my bank account) and other personal information.

    At some point (after I settle on a GNU/Linux distribution – I keep changing my mind about which of several distributions I like the best) I will also encrypt my Linux partitions too (for similar reasons).

    I know this post is not entirely on topic, but BitLocker is an important part of the larger discussion about computers and computer security. I’m sorry if I went to far off topic. I didn’t mean to,

    Ernie

    Reply
  7. Its true, I have noticed BitLocker already turned on for boot partitions on many new PCs. I’m sure it could have slipped past me turned on for many others as well.

    The first thing I do is turn the dang thing off. BitLocker creates many complications. For example, you can’t resize the encrypted partitions (or move them). Most disk imaging software will not work on BL drives. If the PC fails and you need to migrate the data from the old drive (which very often is good), it is not possible. You can’t access the drive on another PC to fix problems, remove malware, or save data. I’m not sure you can clone those drives with some tools (I haven’t tried that).

    Reply
    • “Most disk imaging software will not work on BL drives.” -> Macrium Reflect and EaseUS ToDo will both work. They back up the UNencrypted contents of a Bitlocker encrypted drive.

      ” If the PC fails and you need to migrate the data from the old drive (which very often is good), it is not possible.” -> Not quite true. If you have the Bitlocker recovery key you should be able to access the drive’s contents on another Windows PC.

      But yes, it’d definitely an added complication.

      Reply
  8. Life has been easy with True Crypt and am now finally using Vera Crypt on my newer machines. I also refuse to create a Microsoft Account. Now I am concerned that Bit Locker will encrypt without my permission.

    Reply
  9. We recently got this question:
    ” . . . I could not find Bitlocker when I searched for it.”

    I followed the instructions in this article, and I couldn’t find it either, so I tried the following which worked:

    Right-click the Window Start icon and click ‘Settings’
    Click ‘System’
    Click ‘Storage’
    Scroll down to and click ‘Advanced storage settings’ under Storage management.
    Click ‘Disk & volumes’.
    Click on the drive that you want to decrypt and click ‘Properties’.
    Click ‘Turn on BitLocker’ and follow the instructions to configure Bitlocker

    The question was about turning off Bitlocker, but the steps are the same until the last one.

    Reply

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.