Windows 10: how to relink bitlocker and TPM device after having used veracrypt encrypting process for...

Hi,



I don't know if this question has been asked already, but here it is:

Since I've encrypted my system disk on my tablet with veracrypt, bitlocker is asking it's recovery key each time on boot because (what the error message says in eventviewer) it can't contact the TPM device anymore. I previously had encrypted my disk with bitlocker. Is there a way to relink bitlocker and the TPM device (still according to the error message) or is it just the bitlocker way to say that another encrypting software have changed the data?


I need to say maybe that I'm not stuck, I have the recovery key recorded somewhere else and so I jsut need to type it in each time. It's just that it is not supposed to ask that at eahc boot.


In the perfect scenario I would like that veracrypt is still used and so asking me at boot the password and then bitlocker would be still in use but not asking me for the recovery key. I don't see or understand why bitlocker can't verify the TPM device anymore just because veracrypt did encrypt the disk afterwards?

yes I'm under windows 10 Pro

:)

 

use veracrypt with bitlocker?

Thanks! That let me make my choice! I decided to just use veracrypt since in my opinion the whole tpm thing is a bit controversial and I can remember passwords fine. I don't want to do anything crazy (ha, coming from a person whose two favorite programs
are cmd.exe and the linux terminal)

 

use veracrypt with bitlocker?

Can I first encrypt my drive with veracrypt then encrypt it with bitlocker for two layers of protection? I know my device is compatible with both.

 

Windows 10 devices now requires hardware encryption/TPM

You know those are just encryption softwares right? the TPM by itself encrypts nothing.

EDIT: looking back at your statement about software and your endorsement of the now unsupported truecrypt I am going too assume you use the software extensivly and maybe fell upon this in there wiki article?

If it is I would like to re-iterate that the TPM is a very secure method of obtaining a key to use in conjuntion with supported software to encrypt any device. The article and truecrypts stance on TPMs relies on the assumption that it can be broken if you have physical access, which means it must not be secure. However I would remind you that in any security experts eyes physical access is the highest level of access you can have with a machine.

I would then counter with software cannot be any more secure than a physical piece of hardware responsible for generating a code because as even true crypt stated a keylogger can be used to lift the password. Encrypted data means nothing on a machine that is infected. Its like running bitlocker on a hard drive with a keylogger and my bank info. Encryption does nothing to protect my bank account. Likewise truecrypt veracrypt bitlocker are all just software resources used to encrypt a hard drive.

They only provide you with protection if a drive is physically read from another machine. A TPM is not an encryption device. It is a device used to generate a key based off of the hardware in a given machine to help add an extra layer of protection to encryption software using that key as a PARTIAL unlock sequence (any software that uses a TPMs code does not use it exclusively it simply uses it in conjunction with a software key generated to unlock your data) thus is the hardware changes the code changes which inturn renders the drives unlockable unless you use the emergency unlock sequence provided too you by the software vendor.