A feature of OSX that I appreciated was the ability to create a secured volume for storing personal documents. Since converting to Windows 10, I’ve found you can get the same feature using Bitlocker. I already have hard drive encryption enabled which gives you that first level of security, but having a password-protected volume on top for sensitive documents is even better.
To start, we need to create a VHD (virtual hard drive) by opening the Disk Management utility and selecting ‘Create VHD’ from the Action menu.
Next we need to configure a few settings for our VHD. Click the Browse button and choose a location and filename for your drive. Then specify the disk size. Since I’m only storing PDFs and spreadsheets, I’m going to make this one relatively small at 2GB. The standard VHD format will be fine and since I want optimal read\write performance I’m going to choose the fixed size hard drive type. This will cause the VHD file to consume the full allocated size on your physical hard drive. Alternatively, you can configure it dynamically expand which will allow it to grow to the maximum size as you add data to it. Good choice if you’re limited on hard drive space and not concerned about performance.
This will create a new disk in the management utility. Right click the disk name (‘Disk 1’ in my case) and select ‘Initialize Disk’. The default settings in the initialization window will work for us, go ahead and click OK.
Now that the disk has been initialized, we need to create a volume on it. Do that by right-clicking the ‘Unallocated’ disk block and select ‘New Simple Volume’. This will walk you through a wizard to configure the volume. For our purposes, we’ll want to format the drive as NTFS and give it a volume label.
Once it’s complete, an explorer window will appear listing our new disk.
Next we need to enable Bitlocker on the disk by right-clicking the disk and selecting ‘Turn on Bitlocker’. Specify a password for the drive and click next.
If you forget your password, you can still access your drive using the generated recovery key. You’ll need to save the key before moving on. If you have Bitlocker encryption enabled for your physical hard drive, you won’t be able to save it as a file on that drive. But you can choose to print the recovery key as a PDF within the print dialog window.
Last you’ll need to set the encryption mode. Since this drive will only be used on this device, we’ll select ‘New encryption mode’ since it provides the best level of encryption.
After the encryption process has completed we are ready to add our files to the drive. When we’re done working, we want to close it by right-clicking and selecting ‘Eject’.
To reopen the drive, double click on the VHD within Windows Explorer. It will reappear in your drive list but you will most likely get an error saying the drive is not accessible. Click OK to close the alert and then double-click the drive in your drive list.
After entering your password you will be able to work in the drive folder again.
Bitlocker works great for most cases, but if your looking for more security options or need to need a solution that works on other platforms you may want to consider an alternative tool such as Veracrypt. But for my needs, the built in Bitlocker features are perfect.