News, tips, advice, support for Windows, Office, PCs & more
Home icon Home icon Home icon Email icon RSS icon

We're community supported and proud of it!

  • Tasks for the weekend – September 4, 2021 – Managing Bitlocker

    Home » Forums » AskWoody blog » Tasks for the weekend – September 4, 2021 – Managing Bitlocker

    Author
    Topic
    #2387864

    (Youtube here) …or rather managing bitlocker to ensure you don’t have it when you didn’t know you had it. As you may or may not be aware, certain De
    [See the full post at: Tasks for the weekend – September 4, 2021 – Managing Bitlocker]

    Susan Bradley Patch Lady

    1 user thanked author for this post.
    Viewing 12 reply threads
    Author
    Replies
    • #2387909

      According to https://docs.microsoft.com/en-us/windows-hardware/design/device-experiences/oem-bitlocker#disable-bitlocker-automatic-device-encryption

      a registry key can disable automatic encryption.  Has anyone tested this?  Unfortunately, I don’t have a test system to perform the test myself.

      1 user thanked author for this post.
      • #2387982

        Bitlocker for all intent and purposes, was a typical MSFT from the outset, introduced to Windows Vista onwards.
        TPM is not even a requirement for bitlocker encryption by means of GP settings in Pro/Ultimate/Enterprise…doh!!

        With Windows 11 requiring TPM 2.0 at a minimum, I’d expect security for both hardware and onboard storage data, hence cementing the relationship between TPM and Bitlocker going forward, as it should have been years ago.

        If Windows 11 does not provide this security measure, why the TPM requirement? What’s the point of upgrading hardware and Operating System to provide the same level of lax security as previous iterations of Windows?

        However, there are plenty 3rd party software portables or installers out there, free or otherwise that provide data security.

        | Quality over Quantity |
    • #2387900

      This makes the TPM requirement seem even weirder, if they’re keeping your Bitlocker key online. People aren’t going to hack your PC to get the key. They’ll just use the lax security of the simple password you have to log in with all the time.

    • #2387915

      I don’t have a Microsoft account on my PC’s, only local accounts, and Bitlocker is off.  I do have a couple of Microsoft accounts for OneDrive and the Microsoft Store, but they’re in the cloud, not on my PC.

      Create a fresh drive image before making system changes/Windows updates, in case you need to start over!
      "When you're troubleshooting, start with the simple and proceed to the complex."—M.O. Johns
      "Experience is what you get when you're looking for something else."—Sir Thomas Robert Deware

    • #2387934

      I can’t find anything related to Bitlocker following the steps that Susan presented in the video – so I am a bit lost.  I had my PC custom built so maybe that’s the problem.  I have 2 BL programs on my PC:

      BitlockerDeviceEncryption.exe

      BitlockerWizardEvev.exe

      but I have no idea what they do or how to use them.

      I tried this (from MS support) – but I don’t even have device encryption on my PC.

      Turn on device encryption

      Sign in to Windows with an administrator account (you may have to sign out and back in to switch accounts). For more info, see Create a local or administrator account in Windows 10.

      Select the Start button, then select Settings > Update & Security > Device encryption. If Device encryption doesn’t appear, it isn’t available. You may be able to use standard BitLocker encryption instead. Open Device encryption setting.

      If device encryption is turned off, select Turn on.

      • #2387941

        Check status of bitlocker :

        1 user thanked author for this post.
        • #2387947

          Except on Home edition?

          Windows 10 Pro version 21H2 build 19044.1288 + Microsoft 365 (group ASAP)

    • #2387949

      I am on Win 10 home edition and do NOT have a “Device Encryption” in my Control Panel or anywhere else that I can find.

      • #2387959

        It should be the bottom item in the left-pane list at Settings, Update & Security.

        You may have to scroll down.

        Windows 10 Pro version 21H2 build 19044.1288 + Microsoft 365 (group ASAP)

    • #2387967

      It should be the bottom item in the left-pane list at Settings, Update & Security.

      You may have to scroll down.

      Thanks, but I DON’T have anything like that.

    • #2387976

      I am not an IT Pro, only a home user with Win10 Pro v21H1 1165, and now after viewing this YouTube video and learning a little about BitLocker drive encryption, I started to be somewhat concerned about our visiting grandchildren who are coming to the age of computer knowledge that is surpassing my somewhat limited skill level. We have more than one grand child that has a devious mindset that likes to play “games” on the precious grand parents home computer. With that in mind, I found a nice tutorial at the Ten Forums website about removing that right click context menu item for “Turn on BitLocker” that clutters my context menu with loads of unused items. Also including another link for how to disable BitLocker just for info.
      I hope the grandkids aren’t reading this.
      How to Add or Remove ‘Turn on BitLocker’ Context Menu from Drives in Windows 10
      How to disable BitLocker in Windows 10 [Quick Guide]

    • #2387979

      One other place to check is “Device encryption support” in System Information:

      How to Check if Device Encryption is Supported in Windows 10

      At least I know why I can’t see Device Encryption – I get the same error message that Ten Forums step-by-step example

      Device Encryption Not Supported

      1 user thanked author for this post.
      b
    • #2388020

      I have Bit Locker on this Dell XPS DESKTOP computer but it can NEVER be turned on (thank goodness!) because I would never buy a computer that has soldered RAM!!! I didn’t know until recently that this idiocy is now being implemented on desktops also (and not just most laptops). I only buy desktops so I had thought I would always have configurability at purchase time and later also for RAM so I was shocked to see this essential (in my mind at least) ability being removed even in desktops.

      Looks like we are returning to the days of dumb terminals and a mainframe computer.

      • #2388119

        I have Bit Locker on this Dell XPS DESKTOP computer but it can NEVER be turned on (thank goodness!) because I would never buy a computer that has soldered RAM!!!

        What’s the relevance of RAM to BitLocker?

        I don’t understand why your BitLocker can never be turned on.

        Windows 10 Pro version 21H2 build 19044.1288 + Microsoft 365 (group ASAP)

    • #2388063

      Except on Home edition?

      Bitlocker / key problems appeared on HOME editions with DELL, HP.. laptops where bitlocker has been stealthy installed and enabled.

      • #2388116

        On HOME edition it must be Device Encryption.

        But my point was whether BitLocker appears in Control Panel on HOME. I don’t think so.

        Windows 10 Pro version 21H2 build 19044.1288 + Microsoft 365 (group ASAP)

    • #2388102

      I have Bit Locker on this Dell XPS DESKTOP computer but it can NEVER be turned on (thank goodness!) because I would never buy a computer that has soldered RAM!!! I didn’t know until recently that this idiocy is now being implemented on desktops also (and not just most laptops). I only buy desktops so I had thought I would always have configurability at purchase time and later also for RAM so I was shocked to see this essential (in my mind at least) ability being removed even in desktops.

      Looks like we are returning to the days of dumb terminals and a mainframe computer.

      I miss the days of 50 pound keyboards, 200 pound monitor with a nice hazy green display, keypunch cards and green bar paper.

    • #2388522

      What’s the relevance of RAM to BitLocker?

      I don’t understand why your BitLocker can never be turned on.

      Without soldered RAM, Bitlocker cannot be turned on is what I have read. I now see at one site discussing this that refers to automatic encryption.

    • #2388524

      Without soldered RAM, Bitlocker cannot be turned on is what I have read. I now see at one site discussing this that refers to automatic encryption.

      Bitlocker/encryption has nothing to do with RAM soldered or not.

      1 user thanked author for this post.
      b
    Viewing 12 reply threads
    Reply To: Tasks for the weekend – September 4, 2021 – Managing Bitlocker

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.