none
Question about BitLocker RRS feed

  • Question

  • Hi,

    On Windows 10, I noticed you can decrypt your hard drive without using the encryption key. Is there a way to enable that function? 

    Are there reasons why one can just click on "Turn off Encryption" from the Manage BitLocker section and it just does it with the admin password?

    Thursday, May 19, 2016 1:19 PM

Answers

  • Hi Jim_Shorts,

    What is the main purpose?

    "Is there a configuration where it's mandatory to enter the encryption key in order to "turn off decryption"?"?

    There are two operations about Bitlocker "Unlock", "Decrypt". We should unlock firstly then it will be available to decrypt it by turn off bitlocker. I am afraid there is no such configuration to decrypt it directly.

    Best regards


    Please mark the reply as an answer if you find it is helpful.

    If you have feedback for TechNet Support, contact tnmff@microsoft.com


    Monday, May 23, 2016 6:43 AM
    Moderator

All replies

  • not clear as your OS would boot only after having key to decrypt data. Other drives would be configured auto unlock i.e. their key is in system driver from where bitlocker picks up and decrypts the drive automatically. In all keys to decrypt the drive is already available  to OS and hence you can decrypt the drive if you want. Nothing windows 10 specific here
    Thursday, May 19, 2016 1:49 PM
  • Hi Jim_Shorts,

    "I noticed you can decrypt your hard drive without using the encryption key. Is there a way to enable that function?"

    I am not sure the exact scenario. Bitlocker is mainly for offline protection. When you input the password to access the bitlocker drive, you only be allowed to access the bitlocker drive but all the information in the drive is still encrypted. Here is a theory called "key in key". When you turn off bitlocker, all the information will be decrypted automatically in the background.

    Here is a link for reference of Bitlocker.
    BitLocker Drive Encryption Overview
    https://technet.microsoft.com/en-us/library/cc732774(v=ws.11).aspx#BKMK_BitLockerConcepts

    Best regards


    Please mark the reply as an answer if you find it is helpful.

    If you have feedback for TechNet Support, contact tnmff@microsoft.com

    Friday, May 20, 2016 6:51 AM
    Moderator
  • I see, I see...

    Is there a configuration where it's mandatory to enter the encryption key in order to "turn off decryption"?


    Thank you for your assistance.

    Friday, May 20, 2016 1:58 PM
  • Hi Jim_Shorts,

    What is the main purpose?

    "Is there a configuration where it's mandatory to enter the encryption key in order to "turn off decryption"?"?

    There are two operations about Bitlocker "Unlock", "Decrypt". We should unlock firstly then it will be available to decrypt it by turn off bitlocker. I am afraid there is no such configuration to decrypt it directly.

    Best regards


    Please mark the reply as an answer if you find it is helpful.

    If you have feedback for TechNet Support, contact tnmff@microsoft.com


    Monday, May 23, 2016 6:43 AM
    Moderator