Windows 10: Is my computer safe without a Bitlocker password?

Discus and support Is my computer safe without a Bitlocker password? in AntiVirus, Firewalls and System Security to solve the problem; I encrypted my entire drive, and everything went fine. I notice there is no preboot password though, it just uses my normal login screen password. My... Discussion in 'AntiVirus, Firewalls and System Security' started by CannonRebel, Jan 2, 2018.

  1. Is my computer safe without a Bitlocker password?


    I encrypted my entire drive, and everything went fine. I notice there is no preboot password though, it just uses my normal login screen password. My other older computers have Veracrypt on them. You can't do a thing with those until you enter the password first. This does not seem safe to me. If my pc is stolen, can't they just bypass the simple screen login and still get into my computer just as they could with no encryption?

    :)
     
    CannonRebel, Jan 2, 2018
    #1
  2. mehdibens Win User

    Bitlocker without TPM on Windows 10

    Hello!

    So I've looked online in Technet and other websites and found that BitLocker can work with or without a TPM. I also found that using the TPM, BitLocker can lock decryption keys in it for a safer release of those when the system starts. I also understand
    that the TPM allows for BitLocker enabled systems to perform integrity scans before the OS starts. My questions is that when used without a TPM, and besides the integrity verification feature that's absent in that case, is the information in my drive still
    protected correctly? I mean, if an attacker steals my computer without having the USB key on which the startup key was stored and without access to recovery keys and other unlocking mechanisms, is my data still as safely encrypted and protected as with the
    TPM. I'm particularly talking about privacy here. I understand what other features are missing such as Safe Boot and other TPM related security features of BitLocker. I mean BitLocker doesn't store the keys somewhere else in the drive that's protected right?
    otherwise they'll be no real protection.

    Thank you!
     
    mehdibens, Jan 2, 2018
    #2
  3. How to eject Bitlocker enabled USB on Windows 10?

    Original title: How do I eject a bitlocker enabled drive?

    I have BitLocker enabled on my flash drive and I can use it fine on a computer running Windows 10 Pro, however it will not allow me to safely remove the drive claiming the computer is using it.

    This issue appeared only after I enabled BitLocker on the drive.
     
    Amazing.tf245yay, Jan 2, 2018
    #3
  4. Is my computer safe without a Bitlocker password?

    You can enable pre-boot authentication (referred to as the PIN) through group policy. Even without the startup PIN you are protected from someone getting access to your data after removing the drive or booting to a different OS. And as long as you have a strong Windows login password there's no way they can bypass the Windows login while the drive is unlocked.

    I don't know why MS doesn't expose this option in the normal Bitlocker UI. Maybe they didn't want people to easily enable the PIN, forget it, and have no way to recover the system without another computer.

    Look at Turn On or Off BitLocker for Operating System Drive in Windows 10 Security System Tutorials to enable the startup PIN.
     
    PolarNettles, Jan 2, 2018
    #4
  5. Thanks for the link. So then, does my TPI chip have to ok the Windows login password to allow the drive to unlock and be read? If so, then I really don't need to set a pin?
     
    CannonRebel, Jan 2, 2018
    #5
  6. No, the TPM does not validate your Windows password. That's still managed internally by Windows (since Windows has to work even without a TPM) after the drive is unlocked. But BitLocker does use the TPM to validate "early boot components and boot configuration data" to make sure there's no malware injected into your boot files.

    So if there happens to be some hack that can expose your Windows password while you're sitting at the login screen then your data would be exposed. Of course, that's not specifically a BitLocker issue.

    If you want to protect against such a possibility then a PIN would be needed.
     
    PolarNettles, Jan 2, 2018
    #6
  7. Thank you for helping me out. I decrypted my computer and set up an advanced PIN, now I can use my easy to remember but hard to crack password that I use with Veracrypt. I will now encrypt it that way. But with that said....

    I'm still unsure of this Bitlocker screen lock password. With my pc decrypted now, and my screen lock disabled, I was able to set up bit locker for whole drive encryption without the screen lock enabled. It was all ready to encrypt the drive. I wonder of I had done that if the computer would just simply boot right up without having to enter any pass/pin. Strange encryption, I sure hope Veracrypt comes out with a solution for the newer computers, but it's not looking good.
     
    CannonRebel, Jan 2, 2018
    #7
  8. Is my computer safe without a Bitlocker password?

    Yes, you can setup BitLocker with no password at all. I don't know why Microsoft allows this but you are correct that it means if someone stole your entire system then they could just boot into Windows. You would still be protected if they just ripped out the hard drive though.
     
    PolarNettles, Jan 2, 2018
    #8
  9. I just thought of something else. My other desktop (no TPM) has two drives, one cloned, and both have been encrypted with Veracrypt. They both boot and run just fine in the same computer. So, I just cloned the drive in my new one, can I encrypt both in the new machine which has the TPM, and will they both boot to that TPM, or will there be a problem with the key produced with the TPM for each drive?
     
    CannonRebel, Jan 2, 2018
    #9
  10. I'm not quite clear on what you're asking. Are you trying to clone a BitLocker-encrypted drive and booting to the clone?

    I believe this should be possible if you do a sector-by-sector clone. The partition table, bootloader, boot manager settings, and OS boot files need to be identical.
     
    PolarNettles, Jan 2, 2018
    #10
  11. I did a sector by sector clone. But when I install the cloned disk into my computer and encrypt it, it will generate a new key from the TPM to OS, will the TPM still recognize the other drive since the encryption keys will be different?
     
    CannonRebel, Jan 2, 2018
    #11
  12. Oh, so both drives are unencrypted and you want to boot to each one individually and encrypt them? In that case the keys would be different and you wouldn't be able to boot.

    I was thinking that you were cloning a drive that was already encrypted by Bitlocker.
     
    PolarNettles, Apr 5, 2018
    #12
Thema:

Is my computer safe without a Bitlocker password?

Loading...
  1. Is my computer safe without a Bitlocker password? - Similar Threads - computer safe without

  2. Enable to exit safe mode without Bitlocker

    in Windows 10 BSOD Crashes and Debugging
    Enable to exit safe mode without Bitlocker: Hello everyone,I'm desperately in need for help because I think I've tried everything. This morning my laptop -Lenovo Yoga bought less than 1yr ago- got stuck in safe mode probably due to an update it didn't like.The Lenovo service cannot help saying it's related to Microsoft...
  3. Enable to exit safe mode without Bitlocker

    in Windows 10 Gaming
    Enable to exit safe mode without Bitlocker: Hello everyone,I'm desperately in need for help because I think I've tried everything. This morning my laptop -Lenovo Yoga bought less than 1yr ago- got stuck in safe mode probably due to an update it didn't like.The Lenovo service cannot help saying it's related to Microsoft...
  4. Enable to exit safe mode without Bitlocker

    in Windows 10 Software and Apps
    Enable to exit safe mode without Bitlocker: Hello everyone,I'm desperately in need for help because I think I've tried everything. This morning my laptop -Lenovo Yoga bought less than 1yr ago- got stuck in safe mode probably due to an update it didn't like.The Lenovo service cannot help saying it's related to Microsoft...
  5. Stuck in safe mode without password

    in Windows Hello & Lockscreen
    Stuck in safe mode without password: I login to my windows using pin. When i set msconfig to safe mode, i was unable to login to window when the login mode change to password. Kindly advise....
  6. Exiting Safe Mode Without Password

    in Windows Hello & Lockscreen
    Exiting Safe Mode Without Password: Hello, My girlfriend was having issues with her laptop and while trying to fix it, she got stuck in safe mode. Unfortunately she does not know the password, nor does she have an installation disk or drive. We have tried accessing command prompt, restoring the system to an...
  7. Stuck in safe mode without password

    in Windows 10 Ask Insider
    Stuck in safe mode without password: I've installed a new AMD GPU to replace my Nvidia GPU. It was reccomended to delete the old drivers in safe mode before installing the new ones. I booted up in safe mode, however it asks for my password to log in. I enter my current password (different than the one I setup...
  8. Stuck in safe mode without password

    in Windows 10 Customization
    Stuck in safe mode without password: I always log on with my pincode and so I forgot my admin password. To check a problem I switched to safe mode. In safe mode Win10 asks for a password. Now I am stuck in safe mode and can't go further. Please help....
  9. how to exit safe mode without password

    in Windows 10 Installation and Upgrade
    how to exit safe mode without password: Hello, I'm looking for help, my windows 10 stucked on safe mode, I can't login because don't remember the password it's asking, but I still know the PIN that I have always used to login but the safe mode doesn't give the option to go back. I can't go to command prompt...
  10. BitLocker not requiring password at boot. (Without TPM)

    in AntiVirus, Firewalls and System Security
    BitLocker not requiring password at boot. (Without TPM): I've recently installed bitlocker on my computer. Although windows says my C: drive is encrypted; I am not asked for my decryption password when i boot the computer. I get put straight into the login screen. I've done the necessary steps to enable bitlocker without TPM but...
Tags:

Users found this page by searching for:

  1. is it safe to turn off bitlocker

    ,
  2. is it safe to turn bitlocker off