News, tips, advice, support for Windows, Office, PCs & more
Home icon Home icon Home icon Email icon RSS icon

We're community supported and proud of it!

  • Tasks for the weekend – September 4, 2021 – Managing Bitlocker

    Home Forums AskWoody blog Tasks for the weekend – September 4, 2021 – Managing Bitlocker

    Viewing 13 reply threads
    • Author
      Posts
      • #2387864
        Susan Bradley
        Manager

        (Youtube here) …or rather managing bitlocker to ensure you don’t have it when you didn’t know you had it. As you may or may not be aware, certain De
        [See the full post at: Tasks for the weekend – September 4, 2021 – Managing Bitlocker]

        Susan Bradley Patch Lady

        1 user thanked author for this post.
      • #2387909
        EricB
        AskWoody Plus

        According to https://docs.microsoft.com/en-us/windows-hardware/design/device-experiences/oem-bitlocker#disable-bitlocker-automatic-device-encryption

        a registry key can disable automatic encryption.  Has anyone tested this?  Unfortunately, I don’t have a test system to perform the test myself.

        1 user thanked author for this post.
        • #2387982
          Microfix
          AskWoody MVP

          Bitlocker for all intent and purposes, was a typical MSFT from the outset, introduced to Windows Vista onwards.
          TPM is not even a requirement for bitlocker encryption by means of GP settings in Pro/Ultimate/Enterprise…doh!!

          With Windows 11 requiring TPM 2.0 at a minimum, I’d expect security for both hardware and onboard storage data, hence cementing the relationship between TPM and Bitlocker going forward, as it should have been years ago.

          If Windows 11 does not provide this security measure, why the TPM requirement? What’s the point of upgrading hardware and Operating System to provide the same level of lax security as previous iterations of Windows?

          However, there are plenty 3rd party software portables or installers out there, free or otherwise that provide data security.

          | Quality over Quantity |
      • #2387900
        anonymous
        Guest

        This makes the TPM requirement seem even weirder, if they’re keeping your Bitlocker key online. People aren’t going to hack your PC to get the key. They’ll just use the lax security of the simple password you have to log in with all the time.

      • #2387915
        bbearren
        AskWoody MVP

        I don’t have a Microsoft account on my PC’s, only local accounts, and Bitlocker is off.  I do have a couple of Microsoft accounts for OneDrive and the Microsoft Store, but they’re in the cloud, not on my PC.

        Create a fresh drive image before making system changes/Windows updates, in case you need to start over!
        "When you're troubleshooting, start with the simple and proceed to the complex."—M.O. Johns
        "Experience is what you get when you're looking for something else."—Sir Thomas Robert Deware

      • #2387934
        blueboy714
        AskWoody Plus

        I can’t find anything related to Bitlocker following the steps that Susan presented in the video – so I am a bit lost.  I had my PC custom built so maybe that’s the problem.  I have 2 BL programs on my PC:

        BitlockerDeviceEncryption.exe

        BitlockerWizardEvev.exe

        but I have no idea what they do or how to use them.

        I tried this (from MS support) – but I don’t even have device encryption on my PC.

        Turn on device encryption

        Sign in to Windows with an administrator account (you may have to sign out and back in to switch accounts). For more info, see Create a local or administrator account in Windows 10.

        Select the Start button, then select Settings > Update & Security > Device encryption. If Device encryption doesn’t appear, it isn’t available. You may be able to use standard BitLocker encryption instead. Open Device encryption setting.

        If device encryption is turned off, select Turn on.

        • #2387941
          Alex5723
          AskWoody Plus

          Check status of bitlocker :

          1 user thanked author for this post.
          • #2387947
            b
            AskWoody MVP

            Except on Home edition?

            Windows 10 Pro version 21H2 build 19044.1263 + Microsoft 365 (group ASAP)

      • #2387949
        blueboy714
        AskWoody Plus

        I am on Win 10 home edition and do NOT have a “Device Encryption” in my Control Panel or anywhere else that I can find.

        • #2387959
          b
          AskWoody MVP

          It should be the bottom item in the left-pane list at Settings, Update & Security.

          You may have to scroll down.

          Windows 10 Pro version 21H2 build 19044.1263 + Microsoft 365 (group ASAP)

      • #2387967
        blueboy714
        AskWoody Plus

        It should be the bottom item in the left-pane list at Settings, Update & Security.

        You may have to scroll down.

        Thanks, but I DON’T have anything like that.

      • #2387976
        Lars220
        AskWoody Plus

        I am not an IT Pro, only a home user with Win10 Pro v21H1 1165, and now after viewing this YouTube video and learning a little about BitLocker drive encryption, I started to be somewhat concerned about our visiting grandchildren who are coming to the age of computer knowledge that is surpassing my somewhat limited skill level. We have more than one grand child that has a devious mindset that likes to play “games” on the precious grand parents home computer. With that in mind, I found a nice tutorial at the Ten Forums website about removing that right click context menu item for “Turn on BitLocker” that clutters my context menu with loads of unused items. Also including another link for how to disable BitLocker just for info.
        I hope the grandkids aren’t reading this.
        How to Add or Remove ‘Turn on BitLocker’ Context Menu from Drives in Windows 10
        How to disable BitLocker in Windows 10 [Quick Guide]

      • #2387979
        blueboy714
        AskWoody Plus

        One other place to check is “Device encryption support” in System Information:

        How to Check if Device Encryption is Supported in Windows 10

        At least I know why I can’t see Device Encryption – I get the same error message that Ten Forums step-by-step example

        Device Encryption Not Supported

        1 user thanked author for this post.
        b
      • #2388020
        Mele20
        AskWoody Lounger

        I have Bit Locker on this Dell XPS DESKTOP computer but it can NEVER be turned on (thank goodness!) because I would never buy a computer that has soldered RAM!!! I didn’t know until recently that this idiocy is now being implemented on desktops also (and not just most laptops). I only buy desktops so I had thought I would always have configurability at purchase time and later also for RAM so I was shocked to see this essential (in my mind at least) ability being removed even in desktops.

        Looks like we are returning to the days of dumb terminals and a mainframe computer.

        • #2388119
          b
          AskWoody MVP

          I have Bit Locker on this Dell XPS DESKTOP computer but it can NEVER be turned on (thank goodness!) because I would never buy a computer that has soldered RAM!!!

          What’s the relevance of RAM to BitLocker?

          I don’t understand why your BitLocker can never be turned on.

          Windows 10 Pro version 21H2 build 19044.1263 + Microsoft 365 (group ASAP)

      • #2388063
        Alex5723
        AskWoody Plus

        Except on Home edition?

        Bitlocker / key problems appeared on HOME editions with DELL, HP.. laptops where bitlocker has been stealthy installed and enabled.

        • #2388116
          b
          AskWoody MVP

          On HOME edition it must be Device Encryption.

          But my point was whether BitLocker appears in Control Panel on HOME. I don’t think so.

          Windows 10 Pro version 21H2 build 19044.1263 + Microsoft 365 (group ASAP)

      • #2388102
        blueboy714
        AskWoody Plus

        I have Bit Locker on this Dell XPS DESKTOP computer but it can NEVER be turned on (thank goodness!) because I would never buy a computer that has soldered RAM!!! I didn’t know until recently that this idiocy is now being implemented on desktops also (and not just most laptops). I only buy desktops so I had thought I would always have configurability at purchase time and later also for RAM so I was shocked to see this essential (in my mind at least) ability being removed even in desktops.

        Looks like we are returning to the days of dumb terminals and a mainframe computer.

        I miss the days of 50 pound keyboards, 200 pound monitor with a nice hazy green display, keypunch cards and green bar paper.

      • #2388522
        Mele20
        AskWoody Lounger

        What’s the relevance of RAM to BitLocker?

        I don’t understand why your BitLocker can never be turned on.

        Without soldered RAM, Bitlocker cannot be turned on is what I have read. I now see at one site discussing this that refers to automatic encryption.

      • #2388524
        Alex5723
        AskWoody Plus

        Without soldered RAM, Bitlocker cannot be turned on is what I have read. I now see at one site discussing this that refers to automatic encryption.

        Bitlocker/encryption has nothing to do with RAM soldered or not.

        1 user thanked author for this post.
        b
    Viewing 13 reply threads

    Please follow the -Lounge Rules- no personal attacks, no swearing, no politics or religion.

    Reply To: Tasks for the weekend – September 4, 2021 – Managing Bitlocker

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.