Using batch to automate manage-bde


We would like to encrypt C (full disk), specifying a startup password (we are OK with this in plain text, it's temporary), and simply back up the recovery key to the desktop. So far what's working is determining whether encryption needs to be performed or not:

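    rem manage-bde prints "Encryption Method:    None" for an unencrypted volume.
    rem Query C: only, so another volume's status line cannot overwrite the result.
    set "sENCRYPTION_METHOD=NONE"
    rem Tokens: %%G=Encryption, %%H=Method:, %%I=the rest of the line (the method name).
    for /F "tokens=1,2*" %%G in ('MANAGE-BDE -STATUS C: ^| FIND /I "Encryption Method:"') do set "sENCRYPTION_METHOD=%%~I"
    rem /I makes the comparison case-insensitive ("None" vs "NONE").
    IF /I "%sENCRYPTION_METHOD%"=="NONE" (
        GOTO :NotEncrypted
    ) ELSE (
        GOTO :Encrypted
    )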

    :Encrypted
    cls
    echo You are Encrypted.

    goto :Verify365

    :NotEncrypted
    cls
    echo You are not Encrypted.

Where I'm having difficulty is defining the methods with which to encrypt the C drive. I've tried reading https://technet.microsoft.com/en-us/library/ff829848.aspx and tried different variations, but so far I'm not getting the expected results. Our laptops don't have TPM, so we need to manually enable BitLocker in gpedit.msc (we're working on a script for that later), then we are trying to run something like this:

    manage-bde -on C: -Recoverypassword > %USERPROFILE%\Desktop\PRINT_AND_DELETE.txt -SkipHardwareTest -password

However, a request to enter what password we want is being output to the .txt file instead of the default password we'd like to specify. If I try and specify a password after -password I receive a syntax error. But after reading the article, I'm not seeing where else that can be specified.

Anyone here familiar with manage-bde and can translate what we're trying to do into code? Most of us here are pretty new to Windows Batch.

Sandfrog

Posted 2015-02-24T17:20:20.760

Reputation: 137

No answers
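
Added example, not part of the original question: because `manage-bde -password` prompts for the password interactively, one scripted route is the BitLocker PowerShell module, which accepts the password as a SecureString. It assumes Windows 8 / Server 2012 or later, an elevated session, and that the group policy mentioned in the question (BitLocker without a TPM) is already set; the variable names and the placeholder password are constructed for illustration.

```powershell
# Added example (not the asker's code). Save as a .ps1 file and run it from an
# elevated PowerShell session; requires the BitLocker module.
$MountPoint    = 'C:'
$RecoveryFile  = Join-Path $env:USERPROFILE 'Desktop\PRINT_AND_DELETE.txt'
# Constructed placeholder: the temporary startup password, in plain text as the
# question accepts. Replace it, and delete this script once the laptop is set up.
$PlainPassword = 'REPLACE-WITH-TEMPORARY-PASSWORD'

# Same check the batch file performs, using the volume object instead of parsing text.
$volume = Get-BitLockerVolume -MountPoint $MountPoint
if ($volume.VolumeStatus -ne 'FullyDecrypted') {
    Write-Output "You are Encrypted (status: $($volume.VolumeStatus))."
    return
}
Write-Output 'You are not Encrypted.'

# Enable-BitLocker takes the password only as a SecureString.
$securePassword = ConvertTo-SecureString -String $PlainPassword -AsPlainText -Force

# Add the password protector and start encrypting; stop here if policy refuses it,
# so no recovery file is written for a volume that was never encrypted.
Enable-BitLocker -MountPoint $MountPoint `
                 -PasswordProtector -Password $securePassword `
                 -SkipHardwareTest -ErrorAction Stop | Out-Null

# Add a numerical recovery password as a second protector.
Add-BitLockerKeyProtector -MountPoint $MountPoint `
                          -RecoveryPasswordProtector -ErrorAction Stop | Out-Null

# Re-read the volume and write every recovery password protector to the desktop file.
(Get-BitLockerVolume -MountPoint $MountPoint).KeyProtector |
    Where-Object { $_.KeyProtectorType -eq 'RecoveryPassword' } |
    ForEach-Object { "ID: $($_.KeyProtectorId)  Recovery password: $($_.RecoveryPassword)" } |
    Set-Content -Path $RecoveryFile

Write-Output "Recovery password saved to $RecoveryFile"
```

The recovery file sits on the volume it unlocks, so it only helps once it has been printed or copied elsewhere, as the file name in the question implies.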