none
Enabling Bitlocker without a TPM - 8.1 Pro RRS feed

  • Question

  • I have been going around and around with this issue.  I bought a brand new Dell laptop that had 8.1 on it.  I then purchased 8.1 Pro so that I can use Bitlocker.  My company is requiring that I encrypt my entire internal hard drive (C drive).  I've had a few IT guys follow the steps you can find online to set this up.

    We've tried with using just a password at sign on - that did not work.  Then we tried with using a USB flash drive as the key to sign on.  That did not work.  

    I've talked to the Microsoft Store Tech guys in person and one of them told me that if I don't have a TPM chip on my computer Bitlocker isn't going to run.  But that doesn't make sense because why does the error message tell you a work around when you computer doesn't have TPM?!  I don't know if I believe them. 

    The IT guy within my company said the BIOS need to be adjusted.  I don't really know what this means and I don't know how to do it.  He told me I need to have someone experienced with whole disk encryption WDE do it in person.  Well I can't find anyone in the Bay Area.  Geek Squad doesn't know how to do this or even offer this as a service.  Dell wants to charge me an additional $230 for this kind of "premium support" as the call it.
    Tuesday, January 6, 2015 6:32 PM

Answers

  • Hello Enabling Bitlocker without a TPM,

    Do you mean that you want to enable BitLocker without  TPM?
    Do you receive any error message when you fail to encrypt the C: drive?

    Please contact the Manufacturer DELL to confirm if the laptop has TPM.
    A TPM is a microchip designed to provide basic security-related functions, primarily involving encryption keys. The TPM is usually installed on the motherboard of a computer or laptop, and communicates with the rest of the system using a hardware bus.

    Please take the following steps to enable BitLocker without  TPM.
    1. Run gpedit.msc.
    2. Go to Computer Configuration, Administrative Templates, Windows Components, BitLocker Drive Encryption, Operating System Drives, Require additional authentification at startup
    3. Enable Require additional authentification at startup will Allow Bitlocker without a compatible TPM
    4. Then go to Control Panel\System and Security\BitLocker Drive Encryption and turn on BitLocker.

    For more information, please take a look at the following article.
    http://www.eightforums.com/tutorials/21271-bitlocker-turn-off-os-drive-windows-8-a.html
    Please note: Since the website is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.

    Best regards,
    Fangzhou CHEN


    Fangzhou CHEN
    TechNet Community Support

    Wednesday, January 7, 2015 7:14 AM
    Moderator
  • Regardless of if you are using USB or TPM as an authentication factor for BitLocker, a TCG compliant BIOS is required. See BitLocker hardware and software requirements for operating system drives here in the BitLocker FAQ on TechNet.

    Brandon
    Windows Outreach Team- IT Pro
    Windows for IT Pros on TechNet

    Friday, January 16, 2015 7:06 PM
    Moderator

All replies

  • Hello Enabling Bitlocker without a TPM,

    Do you mean that you want to enable BitLocker without  TPM?
    Do you receive any error message when you fail to encrypt the C: drive?

    Please contact the Manufacturer DELL to confirm if the laptop has TPM.
    A TPM is a microchip designed to provide basic security-related functions, primarily involving encryption keys. The TPM is usually installed on the motherboard of a computer or laptop, and communicates with the rest of the system using a hardware bus.

    Please take the following steps to enable BitLocker without  TPM.
    1. Run gpedit.msc.
    2. Go to Computer Configuration, Administrative Templates, Windows Components, BitLocker Drive Encryption, Operating System Drives, Require additional authentification at startup
    3. Enable Require additional authentification at startup will Allow Bitlocker without a compatible TPM
    4. Then go to Control Panel\System and Security\BitLocker Drive Encryption and turn on BitLocker.

    For more information, please take a look at the following article.
    http://www.eightforums.com/tutorials/21271-bitlocker-turn-off-os-drive-windows-8-a.html
    Please note: Since the website is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.

    Best regards,
    Fangzhou CHEN


    Fangzhou CHEN
    TechNet Community Support

    Wednesday, January 7, 2015 7:14 AM
    Moderator
  • Regardless of if you are using USB or TPM as an authentication factor for BitLocker, a TCG compliant BIOS is required. See BitLocker hardware and software requirements for operating system drives here in the BitLocker FAQ on TechNet.

    Brandon
    Windows Outreach Team- IT Pro
    Windows for IT Pros on TechNet

    Friday, January 16, 2015 7:06 PM
    Moderator
  • this does not work. ive tried it all several times and even allowed or enabled other things that had to do with bitlocker. this is crazy. please help
    Tuesday, December 29, 2015 4:15 PM