I am expecting my new laptop in a couple of days. This has a 2Tb HDD and comes with Win 10 Pro. The first thing I would do is shrink the C: drive to 200Gb max and made a D: drive for my data. I also change location of all User Folders to be under a single folder in drive D:. That way all my data is on D: partition and can be backed up easily. I also move the Desktop to D:. So D: needs to be accessible when the user logs in. The second thing I want to do is encrypt the full hard disk or at least the data. I have asked in a few forums and everyone recommended using BitLocker over Veracrypt. But I am bit confused and have a few queries : 1) Can I encrypt the whole hard disk at a time or I have to encrypt both partitions individually? 2) If I need to encrypt each partition and give the same passwords, will I have to enter the passwords 2 times on boot or will both be unlocked at the same time? 3) Can both partitions be NTFS formatted? 4) At boot will only the system partition be unlocked or both partitions together? If not then when would the 2nd partition be unlocked and what would happen to the mapped user folders till the time the D: partition is unlocked? 5) If I encrypt only D: drive, can it be NTFS formatted and would it be unlocked at boot through a password or after the booting is complete? Again, what happens to folders mapped in D: drive in this case? 6) If the laptop has any problem and I want to access the hard disk by connecting to another computer, can I unlock by using BitLocker software on another computer? Should I turn off TPM for this to work? How? 7) Is this scenario better suited to BitLocker or VeraCrypt?