Bitlocker doesn't prompt for PIN or USB key RRS feed

  • Question

  • I have been experimenting with the Windows 7 RC and BitLocker, and on two different systems (Dell Latitudes: D620 and now E6500) I've been able to activate BitLocker on the OS drive. I've saved the recovery key to a file and to a USB flash drive. However, I wasn't prompted to enter a PIN, nor am I required to provide the USB key at system boot.

    We do have the AD schema extensions required for Key Escrow, and Group Policy configuration that requires connection to AD for key archiving. This policy worked fine in Vista. I've looked through the Bitlocker on Windows 7 Step-by-Step Guide, but I'm sure I'm missing something.

    Upshot: BitLocker is ON, C: is encrypted, but there's nothing happening at system power-on to prevent access.

    Any suggestions are much appreciated.
    Wednesday, July 8, 2009 7:48 PM


  • If you use the "Local Group Policy Editor" application you should be able to modify some settings for BitLocker.
    In the Computer Configuration section, Administrative Templates, Windows Components, BitLocker Drive Encryption, you will find various settings that you can enable and change.
    Friday, July 10, 2009 7:36 AM