none
Bitlocker without TPM or USB? RRS feed

  • Question

  • Is there a way to turn on BitLocker without a TPM or a USB?  I would just want to encrypt the disk.  The computer is in a locked room with lots of security, so I'm not worried about someone stealing it.

    So really I just want to encrypt the drive without TPM or USB, it this possible?

    Wednesday, February 8, 2012 4:46 PM

Answers

All replies

  • Afaik, a TPM chipset is required for BitLocker

    Brandon Wilson - Premier Field Engineer (Platforms)

    Wednesday, February 8, 2012 7:18 PM
  • Hi,

    As far as I know, BitLocker supports five configurations: TPM only, TPM+PIN, TPM + Startup Key, TPM + PIN + Startup Key, Startup Key only. ( Startup Key method eeds a USB flash drive containing the startup key.)
    So there is no way to BitLocker without TPM or USB flash.

    BitLocker Drive Encryption Overview

    http://technet.microsoft.com/en-us/library/cc732774.aspx


     Hope that helps.
    Friday, February 10, 2012 1:54 PM
  • The Operating System Drive can be encrypted if you use a USB device for storage of the key.  Feel free to refer to the GPMC in Computer Configuration > Policies > Administrative Templates > Windows Components > BitLocker Drive Encryption > Operating System Drives > Require additional authentication at startup.  You'll see that BitLocker can be configured to use USB as a startup option. 
    Friday, February 10, 2012 3:28 PM
  • If you can re-partition the disk, you could encrypt a non-OS disk with BitLocker without having to have a TPM or USB device.  You'll just need to manually type in your password every time the computer is rebooted. 
    Friday, February 10, 2012 3:29 PM