BitLocker is designed to protect data by providing encryption for entire volumes. BitLocker Drive Encryption and bitLocker to go require a Professional or Enterprise edition of Windows 8 or 10, or the Ultimate version of Windows 7. However, starting with Windows 8.1 and Windows 10
Bit Locker uses an AES encryption algorithm with a 128bit key or 256bit key to encrypt disk volumes. Bit Locker protects your hard drive from offline attack. This is the type of attack where a malicious user will take the hard drive from your mobile machine and connect it to another machine so they can harvest your data.
The BitLocker setup wizard is available in either Windows Explorer or the Control Panel. Remember, the operating system should also have the Trusted Platform Module to fully take advantage of the encryption features.
According to Microsoft sources, Bit Locker does not contain an intentionally built in backdoor without a backdoor there is no way for law enforcement to have a guaranteed passage to the data on the user’s drives that is provided by Microsoft.
Starting with Windows 8 and Windows Server 2012 Microsoft removed the Elephant Diffuse from the BitLocker scheme for no declared reason. Dan Rosendo’s research shows that removing the Elephant Diffuse had an undeniably negative impact on the security of Bit Locker encryption against a targeted attack.
On 10 November 2015, Microsoft released a security update to mitigate security vulnerability in bit Locker that allowed authentication to be bypassed by employing a malicious Kerosene key distribution center, if the attacker had physical access to the machine, the machine was part of domain and had no PIN or USB protection