BitLocker

BitLocker is Microsoft's own hard drive encryption: This requires a separate partition on the system drive to be encrypted, which can also be created automatically. BitLocker starts before the actual operating system and checks in advance whether the hardware used is unchanged (TPM) and can therefore be classified as trustworthy - the use of a secure password for decryption is recommended. BitLocker also offers the option of unlocking the system with a key file (token) located on a USB stick or, alternatively, using a password to increase security. If neither a token nor a password protection is configured, BitLocker remains passive until a change in the system hardware used with the hard disk occurs. The hard disk is encrypted with AES (128 bit or 256 bit key).