Whether you're operating In a work environment, or have a network setup at home with multiple computers and virtual machines up and running, It's Important to protect your sensitive data by using BitLocker Drive Encryption. As such, sometimes there Is the need to check the status of the encrypted drives or partitions, particularly when Implementing changes. In this tutorial, I will show you how to check In depth details of BitLocker encrypted drives.
It's not a simple task to keep track of every device and It's hardware components that's running on your network, and If you've applied BitLocker Drive Encryption on selected drives with different configurations and user authentication types, It's Important to keep track of their status.
For Instance, you may wish to know If a fixed data drive Is currently locked and the type of authentication used to unlock It (such as a password or smart card), as well as It's storage capacity and encryption method used. If you're running a network on a large scale, physically checking each drive can be a somewhat arduous task.
To simplify this, I will demonstrate how to view such details, by using both the Windows Command Prompt and PowerShell. As you're aware, BitLocker Is only available In Windows 10 Pro, Enterprise and Education editions. So without further ado, let's rip Into this tutorial.
Step One:Firstly, I'll use the Command Prompt that must be executed with elevated privileges. To do this, enter cmd In the search box, right-click on the search result at the top, and select Run as administrator as shown below.
Step Two:Here's my BitLocker drive that's currently unlocked. We'll see the details In the next couple of steps.
Step Three:Now enter the following command Into the Command Prompt.
manage-bde -status E:
Leave the manage-bde - status as Is, and replace E: with the drive letter of your BitLocker encrypted drive. Your command should look similar to mine. When done, hit Enter on your keyboard.
Step Four:As you can see In my example below, It's returned quite a few details, such as the volume size, Lock Status, and the type of authentication used, namely a password.
Step Five:I've now locked my drive, and executed the same command as per Step Three above. The Lock Status Is displayed as exactly that (Locked), and a few Unknown entries have been returned. That's because my BitLocker drive Is Locked, and the command cannot read It's respective status.
Step Six:Let's see the results, when checking a drive not protected by BitLocker. I've ran the command against my OS Drive and as you can see, the Conversion Status Is accordingly returned as Fully Decrypted. The None Found entry In Key Protectors, confirms that BitLocker has not been applied.
Step Seven:Now let's use PowerShell. As with the Command Prompt, It must be executed with admin rights. Enter powershell In the search box, right-click on the search result at the top and hit Run as administrator.
Step Eight:Then enter the following command.
Get-BitLockerVolume -MountPoint "E:"
Leave the Get-BitLockerVolume -MountPoint as Is, substitute "E:" with the drive letter of your BitLocker encrypted drive, and hit Enter. In my case, It's returned the status as FullyEncrypted.