BitLocker is Microsoft’s solution to providing full disk encryption. While setting up BitLocker and encrypting your disk you probably want to check and view the progress and see the current status, as it can take quite a long time depending on the size and speed of your disk.
Here we cover how to view the current BitLocker status in both the graphical user interface, and with PowerShell.
View BitLocker Status – GUI
The current status of BitLocker can usually be viewed through the graphical user interface (GUI), however in my experience occasionally this did not appear during the encryption/decryption process, or it would disappear completely. Below is an example of the BitLocker status in the GUI.
As shown it simply shows the current progress, which may be all you want to know, however with the help of PowerShell we can also view the current status in additional to more useful information.
View BitLocker Status – PowerShell
With the help of PowerShell we can quickly and easily view the BitLocker status information of a disk by running the below command. Note that your PowerShell session will need to be running with administrative rights for this to work.
By default this will display the BitLocker status for all disks, however you can also specify a specific disk afterwards as shown below.
PS C:\windows\system32> manage-bde -status c: BitLocker Drive Encryption: Configuration Tool version 10.0.10011 Copyright (C) 2013 Microsoft Corporation. All rights reserved. Volume C: [Windows] [OS Volume] Size: 237.72 GB BitLocker Version: 2.0 Conversion Status: Decrytpion in Progress Percentage Encrypted: 7.2% Encryption Method: AES 128 Protection Status: Protection Off Lock Status: Unlocked Identification Field: Unknown Key Protectors: Numerical Password TPM And PIN
In this example we are currently in the process of decrypting a Windows 10 operating system drive, when the above command was run only 7.2% was left to be decrypted. The disk was encrypted with AES 128 as this is the default BitLocker setting, so to change this to AES 256 BitLocker first must be disabled which will decrypt the disk.
The next example was run on an external USB hard drive. The conversion status shows as fully encrypted and the percentage encrypted displays as 100%, confirming that the disk encryption has completed.
PS C:\windows\system32> manage-bde -status g: BitLocker Drive Encryption: Configuration Tool version 6.1.7601 Copyright (C) Microsoft Corporation. All rights reserved. Volume G: [Elements] [Data Volume] Size: 931.51 GB BitLocker Version: Windows 7 Conversion Status: Fully Encrypted Percentage Encrypted: 100% Encryption Method: AES 256 Protection Status: Protection On Lock Status: Unlocked Identification Field: None Automatic Unlock: Disabled Key Protectors: Numerical Password Password
The conversion status could alternatively be listed as “Used Space Only Encrypted” when percentage encrypted reaches 100%, this is because BitLocker has the option of encrypting only used data which will be a lot faster to complete as there is less of the disk to encrypt but can be less secure, or full disk encryption which will encrypt the whole disk regardless of which parts are in use.
These PowerShell examples clearly show the additional useful information that you can get regarding the status of BitLocker , compared to the simple GUI option. In either case we can easily and quickly view the current BitLocker status of a disk.