none
Bitlocker, TPM and password RRS feed

  • Question

  • Hi,

    I am used the bitlocker functionality for my old computer with NO TPM chip. It worked nicely with password on boot.

    My recent computer was based on Windows 7 Pro with no bitlocker at all, so I was very keen to switch to Windows 10. Since it has the TPM chip - I could encrypt my disk with no hassle. However - what kind of protection it is, since it does not ask me for any password?

    I do not understand it's functionality. If I give my laptop to repair, or if I lost it - everyone can read the data. I doubt I will loose just the disk ;)

    I also know I can set PIN - but again - what kind of security it is where I can use digits only, not real password.

    Anyone can help ? At least I wish to understand what is it for.

    Any way to make it password protected?

    I consider I will just switch the TPM off and use it normal way.

    Shame other encryption software does not work with GPT :(

    Ciao,

    Whatlogin

    Tuesday, August 4, 2015 7:40 AM

Answers

  • Thanks Paul,

    Thanks a lot. I understood with your easy short information. Maybe TPM has nothing to do with bitlocker - but it is required when you try to encrypt system disk, which may confuse users like me.

    I just ended up with no TPM and dice easy password so I feel safe with my data in any standard case of having my laptop stolen. However this ant-hammering pin is interesting.

    Regards,

    Greg

    Wednesday, August 5, 2015 11:35 AM

All replies

  • Understand the TPM Owner Password

    http://technet.microsoft.com/en-us/library/cc732542.aspx

    For detailed information about TPM, you can refer to following link:

    Trusted Platform Module Technology Overview

    http://technet.microsoft.com/en-us/library/jj131725.aspx

    Hope these could be helpful.


    | Branko Vucinec | MCSE, MCSA, MCPS
    Blog: blog.brankovucinec.com

    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Tuesday, August 4, 2015 7:53 AM
  • Hi,

    Thanks. I checked those. Well I am not too good with it, as I am single user and not IT support for large groups.

    Seems like I just switch off the TPM and use it normal way, as this give me good sense of security in case it was stolen. TPM seems not for me. Unless anyone have better idea :)

    Regards!

    Tuesday, August 4, 2015 10:03 AM
  • On Tue, 4 Aug 2015 07:40:54 +0000, Whatlogin wrote:

    I am used the bitlocker functionality for my old computer with NO TPM chip. It worked nicely with password on boot.



    My recent computer was based on Windows 7 Pro with no bitlocker at all, so I was very keen to switch to Windows 10. Since it has the TPM chip - I could encrypt my disk with no hassle. However - what kind of protection it is, since it does not ask me for any password?



    I do not understand it's functionality. If I give my laptop to repair, or if I lost it - everyone can read the data. I doubt I will loose just the disk ;)



    I also know I can set PIN - but again - what kind of security it is where I can use digits only, not real password.

    You're confusing two different things here.

    First of all, the TPM password is used to protect access to the TPM itself.
    It has nothing at all to do with Bitlocker.

    A Bitlocker PIN is just as secure as a password or passphrase as the TPM
    itself has built-in ant-hammering security. When attempting to hack
    Bitlocker, essentially every time a hacker attempts to guess your PIN, the
    next allowed attempt will be longer and longer and eventually the TPM will
    be locked and no further attempts can be made until the person with access
    to the TPM owner password unlocks the TPM.

    In addition to a PIN, you can also require that a USB thumb drive to be
    inserted in order to unlock a drive.

    http://windows.microsoft.com/en-ca/windows-vista/what-is-a-bitlocker-drive-encryption-startup-key-or-pin


    Paul Adare - FIM CM MVP

    Wednesday, August 5, 2015 5:08 AM
  • Thanks Paul,

    Thanks a lot. I understood with your easy short information. Maybe TPM has nothing to do with bitlocker - but it is required when you try to encrypt system disk, which may confuse users like me.

    I just ended up with no TPM and dice easy password so I feel safe with my data in any standard case of having my laptop stolen. However this ant-hammering pin is interesting.

    Regards,

    Greg

    Wednesday, August 5, 2015 11:35 AM