Windows 10: Bitlocker with TPM

Discus and support Bitlocker with TPM in AntiVirus, Firewalls and System Security to solve the problem; Hi , I,m not sure if this is the right place to post this . Anyway , My query is about encryption on win10 pro . Previously I had a laptop with... Discussion in 'AntiVirus, Firewalls and System Security' started by tamo, Jun 9, 2017.

  1. TAMO
    tamo Win User

    Bitlocker with TPM


    Hi , I,m not sure if this is the right place to post this .

    Anyway , My query is about encryption on win10 pro .

    Previously I had a laptop with no TPM so I had to us the group policy editor to allow encryption to work , fine ,all was working and I had to type a password to unlock bilocker when my laptop came out of hibernation or rebooted .

    I now have a laptop with a TPM which seems much easier and apparently more secure but here,s what,s bothering me : I do not need to type a password on start up or coming out of hibernation to unlock the drive so just say someone stole my laptop . they would be able to get into the OS and files even though its encrypted . I do have a PIN to sign in to windows but just say I only wanted to use a local account with no PIN or password how useful is having my laptop encrypted .
    What then is the main reason for using encryption ?

    Sorry if I've confused anyone or my explanation isn't so clear .

    :)
     
    tamo, Jun 9, 2017
    #1
  2. MR_COHEN
    Mr_Cohen Win User

    BitLocker On TPM ver 2.0

    Hey all.

    I hope that i'm asking this at the right area of this Forum.

    I have a DELL Latitude 5480 with Win10 pro on it.

    After enabling BitLocker, BitLocker asking for a recovery key on every reboot.

    I've found that BitLocker cannot work properly with TPM ver 2.0, (Dell Latitude 5480 comes with TPM version 2.0).

    After downgrading TPM, from ver 2.0 to ver 1.2, BitLocker works smoothly.

    Any solution for BitLocker on TPM ver2.0?

    Thank in advance.
     
    Mr_Cohen, Jun 9, 2017
    #2
  3. HENRIMATTILA
    HenriMattila Win User
    Bitlocker with TPM installed

    Hi! I was able to encrypt my system drive with bitlocker with TPM.

    Now I'm trying to use bitlocker to my other data drives but bitlocker can't use TPM.

    Any help?
     
    HenriMattila, Jun 9, 2017
    #3
  4. DENCAL
    dencal Win User

    Bitlocker with TPM

    With your need for encryption why on earth would you even consider leaving open your local account without a pin or password?
    It defeats the object of securing your computer.....locking the front door but leaving the back door open.
     
    dencal, Jun 9, 2017
    #4
  5. TAMO
    tamo Win User
    That's the answer I deserved with a post like that . I always use a password or pin to log in to windows . I just liked it better when I had to also use a password to unlock the drive . I have nothing even so sensitive to warrant encryption I use it because I can.
     
    tamo, Jun 9, 2017
    #5
  6. DENCAL
    dencal Win User
    It takes a special kind of person to reply as you have, and a wise one at that....regards .
     
    dencal, Jun 9, 2017
    #6
  7. ASTORMYDAY
    astormyday Win User
    TAMO,
    you are NOT wrong in what you want to do. TPM is SUPPOSED to protect this stuff. BUT, I have a samsung tabPro S (windows), and have even written to samsung PRESIDENT in s. Korea, and no reply. They institute this stuff, and then never have details about it.

    You ARE correct that RELYING solely on the TPM is problematic. BUT, you CoULD edit the group policy for Bitlocker and allow a PIN; you then get protection of "TPM plus PIN", which requires that PIN for ANY windows boot-up, including hibernation (I have my notebooks set up for TPM plus PIN). You THEN could leave the actual windows user as not requiring a password (first, test to verify)

    HOWEVER (and again, I may post a more detailed thread on this question), your machine may have an actual BIOS ADMINISTRATOR PASSWORD. From my understandings from SOME threads (although still not clear), this BIOS ADMINISTRATOR PASSWORD is controlled by TPM also.

    In my scenario (I am not totally comfortable with it yet), I start the tablet (the samsung), and ON-screen keyboard comes up, and I can enter the BIOS ADMINISTRATOR PASSWORD. If this is NOT entered corectly, it shuts down. IF it IS entered corectly, then Boot-up continues, Bitlocker unlocks (its key is stored with the TPM), and it boots up to my Username/p[assword for windows.
    I DID WANT to have "bitlocker PLUS PIN", but the problem with the samsung is that the On-screen keyboard does NOT work for Bitlocker, it only works for the BIOS ADMINISTRATOR PASSWORD. REPEATED requests to samsung have been fruitless for an answer about the on-screen keyboard.

    In the above scenario, if someone STOLE the computer, lets assume they can't break the BIOS ADMINISTRATOR PASSWORD. if they got to the BIOS, and somehow CLEARED the TPM, then the Bitlocker key gets wiped out, and bitlocker owuld need entry of the 46-character actual recovery key.

    Anyway, for your situation, explore the BIOS ADMINISTRATOR PASSWORD, and the GPEDIT.msc (group policy) to allow Bitlocker to have a PIN.

    hope this helps
     
    astormyday, Apr 5, 2018
    #7
Thema:

Bitlocker with TPM

Loading...

  1. Bitlocker with TPM - Similar Threads - Bitlocker TPM

  2. Grandma forgot her PIN. Windows 11 Bitlocker TPM only uses a PIN to login.

    in Windows 10 Gaming
    Grandma forgot her PIN. Windows 11 Bitlocker TPM only uses a PIN to login.: Grandma forgot her PIN. Windows 11 Bitlocker TPM only uses a PIN to login. The HP Envy will not factory reset, probably because of the TMP. Diskpart does not see the drive. I'm trying to get her new Windows 11 computer going without changing the hard drive. Maybe someone has...

  3. Grandma forgot her PIN. Windows 11 Bitlocker TPM only uses a PIN to login.

    in Windows 10 Software and Apps
    Grandma forgot her PIN. Windows 11 Bitlocker TPM only uses a PIN to login.: Grandma forgot her PIN. Windows 11 Bitlocker TPM only uses a PIN to login. The HP Envy will not factory reset, probably because of the TMP. Diskpart does not see the drive. I'm trying to get her new Windows 11 computer going without changing the hard drive. Maybe someone has...

  4. Windows activating BitLocker upon disabling TPM

    in Windows 10 Gaming
    Windows activating BitLocker upon disabling TPM: So picture this: You spam the F9 key to boot into BIOS settings. And then disable the TPM. But then all the sudden there's a BitLocker recovery screen. But you don't have Windows Pro... That's what I'm basically implying. Windows freaked out over disabling TPM. And yeah I...

  5. Windows activating BitLocker upon disabling TPM

    in Windows 10 Software and Apps
    Windows activating BitLocker upon disabling TPM: So picture this: You spam the F9 key to boot into BIOS settings. And then disable the TPM. But then all the sudden there's a BitLocker recovery screen. But you don't have Windows Pro... That's what I'm basically implying. Windows freaked out over disabling TPM. And yeah I...

  6. Windows activating BitLocker upon disabling TPM

    in Windows 10 BSOD Crashes and Debugging
    Windows activating BitLocker upon disabling TPM: So when I went to go disabled TPM and Windows instantly freaked out and enabled BitLocker upon disabling TPM, and you may be thinking! Why can't you just switch to a different version of Windows to stop that. Well believe it or not I'm on Windows home! So that means I don't...

  7. Windows Hello Pin + Bitlocker & TPM 2.0

    in Windows Hello & Lockscreen
    Windows Hello Pin + Bitlocker & TPM 2.0: Hello, I wanted to protect both my device and my hard drive from any thief that could have physical access to them. I've searched a bit of information regarding these features, and I've got a question regarding Windows Hello Pin vs Local Password: - In order to add a Windows...

  8. Windows Hello Pin + Bitlocker & TPM 2.0

    in Windows 10 Gaming
    Windows Hello Pin + Bitlocker & TPM 2.0: Hello, I wanted to protect both my device and my hard drive from any thief that could have physical access to them. I've searched a bit of information regarding these features, and I've got a question regarding Windows Hello Pin vs Local Password: - In order to add a Windows...

  9. Windows Hello Pin + Bitlocker & TPM 2.0

    in Windows 10 Software and Apps
    Windows Hello Pin + Bitlocker & TPM 2.0: Hello, I wanted to protect both my device and my hard drive from any thief that could have physical access to them. I've searched a bit of information regarding these features, and I've got a question regarding Windows Hello Pin vs Local Password: - In order to add a Windows...

  10. TPM error on Windows Server 2019 when enabling Bitlocker

    in Windows 10 Gaming
    TPM error on Windows Server 2019 when enabling Bitlocker: Hi, I have set the local group policy on Windows Server 2019 to allow Additional Authentication at startup with also allowing TPM chip to be used I left every at defaults and enabled the policy. I am still getting the same error "Can't use TPM. You admin must set the "Allow...
  1. TIGEROMEGA
    Thread

    Bitlocker

    Is it possible to use Bitlocker on a single folder? The only option I can see it to lock the entire drive. 112392
    Thread by: Tigeromega, Jun 16, 2018, 3 replies, in forum: AntiVirus, Firewalls and System Security
  2. TIGEROMEGA
    Thread

    Is it possible to use Bitlocker on a single folder?

    Is it possible to use Bitlocker on a single folder? The only option I can see it to lock the entire drive. 112392
    Thread by: Tigeromega, Jun 16, 2018, 3 replies, in forum: Windows 10 Installation and Upgrade
  3. GERRYDOG65
    Thread

    BitLocker How access drive?

    I have a hard drive that was suspended during an in-place install win 10, build 16299-431. I resumed BitLocker protection on all drives (5...
    Thread by: gerrydog65, Jun 6, 2018, 2 replies, in forum: AntiVirus, Firewalls and System Security
  4. GERRYDOG65
    Thread

    BitLocker How can I access drive?

    I have a hard drive that was suspended during an in-place install win 10, build 16299-431. I resumed BitLocker protection on all drives (5...
    Thread by: gerrydog65, Jun 6, 2018, 2 replies, in forum: Windows 10 Support
  5. EDRAY
    Thread

    Getting bitlocker to accept my valid passwords

    I am not sure if this is the right place to post bitlocker issues but I was not able to find any forum titled encryption apps or similars so I...
    Thread by: edray, Jun 6, 2018, 2 replies, in forum: AntiVirus, Firewalls and System Security
Tags: