Windows 10: Cannot enable BitLocker, device can't use TPM

Discus and support Cannot enable BitLocker, device can't use TPM in AntiVirus, Firewalls and System Security to solve the problem; I have two drives, one stores the OS and the other stores other files. I have BitLocker enabled on the second drive but cannot seem to enable it on the... Discussion in 'AntiVirus, Firewalls and System Security' started by cbb828282, Sep 21, 2020.

  1. cbb828282 Win User

    Cannot enable BitLocker, device can't use TPM


    I have two drives, one stores the OS and the other stores other files. I have BitLocker enabled on the second drive but cannot seem to enable it on the first drive containing the OS. Please see error message below. I have a TPM chip installed on my board.. so I do not see what the issue is. BitLocker on the second drive is using the TPM module, and to my knowledge you can store more than 1 key on the chip.. Please see second image for more info on the TPM admin..




    Cannot enable BitLocker, device can't use TPM 3cab5efd-608a-4023-9179-9b4bfced24db?upload=true.png




    Cannot enable BitLocker, device can't use TPM 4b5d6401-65d4-45aa-b934-38a1839d8028?upload=true.png

    :)
     
    cbb828282, Sep 21, 2020
    #1
  2. Yan.S Win User

    Bitlocker without TPM

    Hi there,

    I'm trying to use Bitlocker without TPM

    My version is Windows 10 Home, and I try to follow -

    To turn on BitLocker Drive Encryption on a computer without a compatible TPM



    1. Click Start, type gpedit.mscin the Start Search box, and then press ENTER.
    2. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Continue.
    3. In the Local Group Policy Editor console tree, click Local Computer Policy, click Administrative Templates, click Windows Components, and then clickBitLocker Drive Encryption.
    4. Double-click the setting Control Panel Setup: Enable Advanced Startup Options.
    5. Select the Enabled option, select the Allow BitLocker without a compatible TPM check box, and then click OK.
    You have changed the policy setting so that you can use a startup key instead of a TPM.

    1. Close the Local Group Policy Editor.
    2. To force Group Policy to apply immediately, you can click Start, typegpupdate.exe /forcein the Start Search box, and then press ENTER.
    3. Click Start, click Control Panel, click Security, and then click BitLocker Drive Encryption.
    4. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Continue.
    5. On the BitLocker Drive Encryption page, click Turn On BitLocker. This will only appear with the operating system volume.
    6. On the Set BitLocker Startup Preferences page, select the Require Startup USB Key at every startup option. This is the only option available for non-TPM configurations. This key must be inserted each time before you start
      the computer.
    7. Insert your USB flash drive in the computer, if it is not already there.
    8. On the Save your Startup Key page, choose the location of your USB flash drive, and then click Save.
    9. On the Save the recovery password page, you will see the following options:
    · Save the password on a USB drive. Saves the password to a USB flash drive.

    · Save the password in a folder. Saves the password to a folder on a network drive or other location.

    · Print the password. Prints the password

    While I have a problem on step 4.

    Double-click the setting Control Panel Setup: Enable Advanced Startup Options.

    I can find "BitLocker Drive Encryption" on my group policy editor, while I cannot find
    Control Panel Setup: Enable Advanced Startup Options anywhere.

    Thank you for your help.

    Best Regards,

    Yan
     
    Yan.S, Sep 21, 2020
    #2
  3. lx07 Win User
    Bitlocker - Win 10 - TPM 2.0 - Legacy Mode

    According to here you need to boot in UEFI to configure bitlocker then you can change to CSM.
    Pre-Provision Bitlocker - TPM 2.0 - SCCM 1610
     
  4. Cannot enable BitLocker, device can't use TPM

    BitLocker refuses to enable

    Windows 10 Pro on Dell Optiplex 5040

    Domain-joined

    No TPM

    I have tried repeatedly to enable BitLocker on this machine and all attempts have failed. The majority of suggestions point me to gpedit.msc > Computer Configuration > Administrative Templates > Windows Components > BitLocker Drive Encryption > Operating
    System Drives > Require additional authentication at startup (and be sure "Allow BitLocker without a compatible TPM" option is checked). The option is checked and the GPO enabled, however, I still receive the error "This
    device can't use a Trusted Platform Module. Your administrator must set the "Allow BitLocker without a compatible TPM" option in the "Require additional authentication at startup" policy for OS volumes."

    We don't have any other computers with this issue, though, to be fair, this is one of the only computers without TPM. What else can be done?
     
    Matthew Wallace PS, Sep 21, 2020
    #4
Thema:

Cannot enable BitLocker, device can't use TPM

Loading...
  1. Cannot enable BitLocker, device can't use TPM - Similar Threads - Cannot enable BitLocker

  2. Can't enable Bitlocker.

    in Windows 10 Ask Insider
    Can't enable Bitlocker.: [ATTACH] I've recently build my new rig. I enabled Secure boot and TPM in the bios which is in UEFI mode. However when trying to enable bitlocker on my C: drive I get the following error:...
  3. Enable Bitlocker by using a script

    in Windows 10 Customization
    Enable Bitlocker by using a script: Hi Everyone, My first post in here, hopefully you can help me out with this simple question. I've been able to create a GPO to deploy a script on all user machines and execute with a Scheduled Task with the use of SYSTEM permissions. Not a logon script etc. It works...
  4. Can't enable BitLocker with TPM only

    in Windows 10 Ask Insider
    Can't enable BitLocker with TPM only: I'm having a hard time getting BitLocker to work the same way on my newly built desktop as it does on my Surface Pro 3, i.e. the drive is unlocked instantly with the TPM and I go straight to the windows login screen. When I try to configure BitLocker it just wants me to plug...
  5. Query related to using BitLocker and TPM on PC

    in AntiVirus, Firewalls and System Security
    Query related to using BitLocker and TPM on PC: Questions about bit-locker and TPM-security for latest windows 10 version 1909 and up or lower. I’m looking on the web some answer confuse more then it resolves anything. and i want something to easely fall back for myself and other people 1 Do you require to clear...
  6. Error: This device cannot use a Trusted Platform Module, when enabling Bitlocker

    in AntiVirus, Firewalls and System Security
    Error: This device cannot use a Trusted Platform Module, when enabling Bitlocker: This device cannot use a Trusted Platform Module. Your administrator must "Allow BitLocker with out a compatible TPM" option in the "Require additional authentication at start-up" policy for OS volumes. How do I go about doing this? ***Modified title from: Bitlocker***...
  7. WHY use TPM with bitlocker?

    in AntiVirus, Firewalls and System Security
    WHY use TPM with bitlocker?: i still have to understand WHY to use TPM with bitlocker. these are my concerns, i tried to use bitlocker with my tpm but the encryption was "free" without to enter any password at boot. Ok this kind of encryption is useful ONLY IF a thief steal ONLY the hd .... but what if...
  8. Cannot enable BitLocker

    in AntiVirus, Firewalls and System Security
    Cannot enable BitLocker: Hi all, I need help with drive encryption. The BitLocker keeps giving me an error with a message "The startup options on this PC are configured incorrectly. Contact your system administrator for more information". [ATTACH] I have attempted everything I could on my...
  9. Bitlocker with TPM

    in AntiVirus, Firewalls and System Security
    Bitlocker with TPM: Hi , I,m not sure if this is the right place to post this . Anyway , My query is about encryption on win10 pro . Previously I had a laptop with no TPM so I had to us the group policy editor to allow encryption to work , fine ,all was working and I had to type a password...
  10. TPM Ready with reduced functionality; unable to use BitLocker

    in AntiVirus, Firewalls and System Security
    TPM Ready with reduced functionality; unable to use BitLocker: Hello. I often browse the TenForums (and the forums for the other Windows versions too), since there are many helpful guides and tools here for whenever I'm having troubles. However, this time I've made an account to make a thread, since there wasn't a similar problem...