I only use my Surface Pro 3 when away from work/home. It obviously can be lost or stolen so I want to use Bitlocker to to prevent access to the data stored on it. When I started to install and activate Bitlocker, to my surprise, I found Bitlocker was already activated and there was even an already available Identifier and Recovery Key. Also, after some research, I discovered a startup password is intentionally not asked for since the Surface can be used without a keyboard and, supposedly, there would be no way of entering a password so it could never be started. So, why bother at all with Bitlocker if it can be started without a password? This is a WTF thought to me but I have to assume people a lot smarter than me designed this so I am definitely missing something here. Maybe it requires a USB token but that seriously degrades security as both the Surface and token could be lost together since they would both be with me when traveling. Also, I did find evidence that a password can be forced to be used but there is absolutely nothing obvious to me from the Bitlocker Manager dialog indicating how to do this. How do I make Bitlocker prevent starting it and/or accessing any data stored on it unless I enter a high quality password? In other words, I have a very portable computer that can be lost/stolen. I want to use Bitlocker to protect the data on it, Bitlocker is indeed installed and activated, yet there is no obvious way of establishing a password leaving access to my machine fully available to anyone that has it in their hands. WTF?