Encryption BitLocker without a TPM chip

From: ormico

I apoligize if this question has been asked, but I do not see when I looked on the forum and elsewhere on the web.

I have a laptop that I was thinking together Drive Encryption on during some time.

The options I know are PGP Whole Drive Encryption, TrueCrypt and BitLocker.

I have Vista Ultimate and BitLocker is one of the reasons for fat that was my Ultimate, but BitLocker doesn't seem to be as straightforward as some of the other options which is a mouthful.

My laptop doesn't have a TPM chip. As I read it, that means that the use of BitLocker, I have to use a USB key to store the key.

Before going any further down this path, I don't know if my laptop BIOS supports a USB drive pre-seed.

In addition, the preparation of the BitLocker driver tool could not create a partition for BitLocker. I don't know why, but my first thought is that he wants to go the paging and Hibernate files and cannot. There is a long series of instructions that I found where you can "try" to get around this problem with no guarantee that it will work.

Then... Before I try to go this route, I was wondering if anyone could answer a few questions about BitLocker so I know if it's really what I want.

In all the instructions I read about installing BitLocker without a TPM, the instructions always specify that you plug your usb key, boot the system, and Vista comes up. There is never a mention of a password. Is this correct? If so, all someone would need to have access to the laptop's USB key. It seems safe to me. If my laptop is stolen there is a good chance that the USB would be with her. I can try to take it with me when this is possible, but it is not always practical or likely. This isn't like a car key that I can stick in my Pocket whenever I get out of the car.

Is it possible to use BitLocker without a TPM that uses a password? I know there are the recovery password, but a random code 48 digit is not easy to remember either.

My preference would be to use BitLocker because I already bought it.

PGP looks like a good option, but it's a few hundred dollars I think.

TrueCrypt is free, but I'm a bit nervouse about using a free product to encrypt my entire hard drive. Maybe I shouldn't be biased, but if something goes wrong with this it will be painful recover. I've used TrueCrypt to create encrypted volumes before and works well, but it's a hassle to set up and dismantle all the time.

De :  Steve Riley [MSFT]

You have readiness tool error messages?

Without a TPM, the only option for the storage of the key is a USB key. You don't need any special 'Pre-boot' USB support, because the computer is actually started from the small boot volume that creates the preparation tool. During this process, Windows prompts you to insert the USB key. Windows bed key root storage from there, used to decrypt another key and continues to load the operating system from disk encrypted system.

While we support using a PIN _with_ a module of TPM, we do not support using a _without_ a TPM secure. This is because it is almost impossible to get the kind of taken entropy protect something as important as with a simple password for BitLocker volume master key. The password recovery don't, but as you note, it is almost impossible to remember such a long number.

The metaphor of car keys is actually pretty good. You get a small USB key with a small loop so you can hang it to your keyring. Next, you will use this key to "start" on your computer. You can remove it once the computer finishes booting. You'll need whenever you start and whenever go out you this computer from hibernation (but not sleep).

--

Steve Riley

E-mail address is removed from the privacy *.

http://blogs.technet.com/steriley

http://www.protectyourwindowsnetwork.com

Another response of the community of Windows Vista discussion groups

Tags: Windows

Similar Questions

  • No TPM chip is detected

    After normal startup using the Windows 7 upgrade, I get a dialog box that indicates "no TPM chip is detected.  You must restart, enter your computer's BIOS setup and enable the module of TPM... etc... »
    Don't know what it takes on since I use this computer for weeks now without seeing this dialog box.  I can close the box using the X.  Restart the computer normally.
    What happened that I should now start to see this dialog box?  I do not turn on (or off) BitLocker.

    1 restart the computer and during the boot process, use the appropriate (often F2) key to access the BIOS. For more information, see the documentation provided with your computer.
    2. in the BIOS, go to the entrance of TPM security. Select disabled, press ENTER, press ESC and then select Save Changes and Exit. Andre Da Costa http://adacosta.spaces.live.com http://www.activewin.com

  • TPM chip

    I have a Sony Vaio Pro - model SVP13215PXB.  I activated the TPM chip and encrypted my drive with Bitlocker.  The bitlocker key got saved on my skydrive account.  Later, I find out he is supposed to be a the TPM owner password.  I don't remember this setting and have no idea to back it up.  Articles only that I see out there is to save this information to AD.  It is a personal computer not joined to any domain.  Can anyone help?

    Hi jgrandjean,

    I did search a bit.  I don't know if you are referring to this articlehere from microsoft.

    Nick-

  • HP Pavilion g6 - 1317AX: need to determine if the TPM chip is installed on HP Pavilion g6

    Greetings. Please advise if HP Pavilion g6 - 1317AX comes with a TPM chip installed.

    I use Win 7 54 bits Ultimate and you want to run Bitlocker with TPM.

    Thank you very much in advance for your help.

    Hello

    No, no TPM chip on your computer.

    Kind regards.

  • How will I know if my laptop has the TPM chip on the motherboard?

    Hello

    Model of laptop - HP Pavilion dv9260us.  Product ID - RP243UA SR #ABA No - CNF7134YJK

    OS - Windows Vista Ultimate Build 6002.

    I downloaded and installed the Bitlocker of Windows Extras for Vista ultimate on Windows Update. I received a message stating:

    A TPM module was not found.  A TPM module is required to enable Bitlocker.  If your computer has a TPM module, then contact the manufacturer of the computer for Bitlocker-compatible BIOS.  Currently I have BIOS version F.2E

    Thank you.

    Pedhambe

    Hello:

    After looking at the manual specifications and your service system, I don't think that your laptop is a TPM chip.

    You can find out for sure by going to your control panel, click on Device Manager, and then click the option of security devices.  You are looking for a device labeled Trusted Platform Module 1.2.

    If this device is not listed, you have.

    Paul

  • Pavilion P6000: where is the TPM chip, located on the card mother VIOLET-GL8E M2N78 - LA 513430-002

    I am trying to locate the TPM chip on my PURPLE-GL8E M2N78 - 513430-002 motherboard to remove it and install on my new motherboard because of my HARD drive lock without the chip. Running Windows 7 Home Premium.

    Frederick_B

    Thanks for the info. Unfortunately I can't back up the HARD drive to fix. The old tower is more regognizes the HARD drive either. What I read this other safety device to prevent theft. I have to chalk this up to my lack of knowledge on the MPT and BitEncrypt software. I'll just have to buy another copy of Windows, and to reformat my HARD drive or buy a new HARD drive so I can't reformat. I wish I had found this forum until I "shot myself in the foot' on this one. Thank you for trying to help.

    Eric

  • Disk on Tecra M9 with TPM chip secured by password

    I got my HDD on laptop TECRA M9 - 12R by password (I know the password).
    On the laptop's motherboard was broken.

    I'll bring my laptop in for repair. They will change the old broken motherboard again.
    The Infineon TPM chip on the motherboard is.

    No on the repair service can tell me, if I unlock my HDD and get my data with the new motherboard. I read, that the TPM chip have certificate and I can't unlock HDD on computer with another TPM chip, that the HARD drive has been locked.

    Where is the real?
    Can I get my data with the new motherboard?

    > Person on repair service can tell me, if I unlock my HDD and get my data with the new motherboard. I read, that the TPM chip have certificate and I can't unlock HDD on computer with another TPM chip, that the HARD drive has been locked.

    I think you should be able to unlock the HARD drive using another motherboard with the same TPM.
    But I also recommend you back up the data from the old HARD drive to be on the safe side

  • HP 15-g023cl: the HP 15-g023cl has a tpm chip?

    The HP 15-g023cl there a tpm chip?

    The line Probook will be the more affordable models with a TPM chip:

    http://store.HP.com/us/en/PDP/business-solutions/HP-ProBook-440-G2-notebook-PC

    If it's 'the Answer' please click on 'Accept as Solution' to help others find it.

  • Q-116 flag 23: 23 Pavilion Q 116 there a TPM chip?

    The Pavilion Q 23, 116 has a TPM chip?

    Hello:

    If so, there will be a category of security devices in Device Manager.

    Click to expand this category, and there should be a chip v 2.0 of TPM.

    If there is no safety devices category in Device Manager, then your PC does not have a TPM chip.

  • Integrated Security TPM chip

    I want to buy hp with integrated tpm chip desktop and I can not find in the model profile for witch she. I need to sff, i3, 500 GB, 4 GB, gigabit lan dvd rw... pls help!

    Hello:

    This series of model has the specifications you want... You need to configure one to what you need, but it has a TPM chip anything.

    http://www.HP.com/hpinfo/newsroom/press_kits/2013/HPDiscoverBarcelona/ProDesk_600_G1_Desktop_Mini_QuickSpecs.PDF

  • HP Touchsmart TX2 (ea 1340) - is there a TPM chip?

    Hello

    I am trying to determine if my laptop - which is a HP Touchsmart TX2 (ea 1340) - has a TPM chip installed?

    I start work as an entrepreneur with a new company, and their IT service wondering if my laptop has such a TPM chip, I think that it is necessary for the Bit Locker, which is part of their standard PC image works ok.

    I looked online and can't find if the laptop has this chip or not - can help you please?

    Thanks - John

    No, there is no TPM chip on the tx2 series

  • BitLocker without TPM refuses to recognize the USB key at startup.

    I have a Windows 7 PC, I'd need to BitLocker, but it fails to recognize the USB key at startup. I've resorted to skip verification and now enter the recovery key every time you start (this PC has a lot of data on what should be confidential), but it's not ideal.

    What is curious to me, is that the computer will start perfectly fine from a USB key, or produce a message of type "non system disk or disk error", if the USB key in question is not bootable. So it is not a matter of lack compatibility USB BIOS. When Bitlocker should read, yet there is no actifvity on the USB key. It seems to just try to read the empty floppy drive then give up.

    The PC is an all-in-one RM with an Intel D915GX motherboard.

    I tried two different USB, 64 megabytes cheapo player drives I usually use as a Bitlocker key and a 2 GB Cruzer Blade. I mucked with some of the BIOS settings but not in a particularly organized way. And I checked the key file is saved on the disk. Everything I did, Bitlocker will not always see the USB.

    Any suggestions?

    Hello

    Thank you for you answer and share the status of the issue.

    Sorry for the late reply.

    I suggest you to please update your motherboard chipset drivers

    Follow the link below:

    https://Downloadcenter.Intel.com/SearchResult.aspx?lang=eng&ProdId=1676

    You can also check the drive (that you encrypted) to find errors by following the link below:

    Check a drive for errors

    http://Windows.Microsoft.com/en-us/Windows7/check-a-drive-for-errors

    WARNING:

    Important: when running chkdsk on the drive hard if bad sectors are found on the disk hard when chkdsk attempts to repair this area if all available on which data may be lost

    Additional information:

    In Windows 7 BitLocker Drive Encryption: frequently asked Questions

    http://TechNet.Microsoft.com/en-us/library/ee449438 (WS.10) .aspx #BKMK_USBDrive

    Deployment Guide for Windows 7 BitLocker Drive encryption

    http://TechNet.Microsoft.com/en-us/library/dd875547 (v = ws.10) .aspx

    Hope this is useful

  • Encryption BitLocker - TPM not found 2540p

    Hello

    I have the same problem, could you tell me how you did a scan to find the new driver after removing the wrong driver?

    Thank you.

    Nobody here actually:

    https://support.Microsoft.com/en-us/KB/2895212

    I have the same problem with windows.

    Thank you.

  • How to remove encryption BitLocker on Windows 7

    I have one of my drives with BitLocker encrypted in my Windows 7 (32-bit) system. Now, I'm unable to remove this encryption. How can I remove this completely drive encryption? I mean, I don't want any more of any BitLocker protection on this drive. Formatting is not an option. Waiting for an answer.

    Hello

    When you turn off BitLocker, you can either disable BitLocker temporarily or to decrypt the volume. Disable BitLocker allows TPM and other minor changes module changes the system. Decrypt the volume means that the volume will be entirely decrypted, and that all the keys are ignored. You must decrypt a computer before the operating system upgrade. Once a volume is decrypted, you must generate new keys through the encryption process again once, if you want to enable BitLocker.

     

    Before you start

    ·         You must be logged on as administrator.

    ·         The volume must be encrypted.

     

    To turn off BitLocker Drive encryption

    (a) click Start, click Control Panel, click Security, and then click BitLocker Drive Encryption.

    (b) from the BitLocker Drive Encryption page, find the volume on which you want BitLocker Drive Encryption goes off, and click turn off BitLocker Drive Encryption.

    (c) what level of decryption do you want the dialog box, click disable BitLocker Drive Encryption or decrypt the volume as required.

    (d) by performing this procedure, you have disabled BitLocker or decrypted the operating system volume.

     

    Additional resources

    The following resources provide additional information about BitLocker Drive Encryption:

    Help with the BitLocker Drive encryption, as with any Microsoft Windows component, please choose the support options listed on the Microsoft Help and Support Web site

    (http://go.microsoft.com/fwlink/?LinkId=76619).

  • Pavilion dv7, tpm chip enable - not-possible or not?

    HP Pavilion dv7-4285dx laptop. This laptop has TPM or not? bought this machine about a year ago. didn't want to turn on Bitlocker and Bitlocker-to-go at the time I intend to upgrade to win 7 ultimate/Enterprise.

    When I got to the hardening of the BONES, I checked the BIOS - but could not find the option to turn on the TPM. I read many pages of documents to support, so far have not found any mention of TPM being on the MB. I'm seriously believe that it wasn't an installed feature.

    Normally the TPM is not installed in the notebook computer or consumer

    This feature is part of the PC company the of except in the two countries where it is illegal to have RPM installed on a PC.

Maybe you are looking for

  • Cannot watch Netflix on the latest Nightly, says I need Silverlight, but nothing changes when I install it. Help?

    I try to use Netflix on the latest Nightly of Firefox browser. He tells me that I have to install Silverlight, so I did it, but it gives just the same message of Silverlight. When I reinstall Silverlight, he says that Silverlight is already installed

  • Satellite L500D - invalid Windows 7 product key

    Dear experts, I deleted the old partitions and tried to install Windows 7 on my empty disk. When I come to the point where I enter my product key, I get the error invalid key. I use the Windows 7 image that came with his laptop computer in the file t

  • Old problem with Spotlight and Word .docx files

    There is an old problem with Spotlight not finding the Word .docx files.  You can find old discussions about it since 2008.  But despite this problem being old has never been resolved. The essence of the issue is that Spotlight relies on a variety of

  • Sort of a group of numbers

    Hi all I am reorganizing my digital signals by the presence of a front panel control that allows the user dynamically set the channel. On the front panel, I have composed a set of unsigned integer typedef.  I want to sort this cluster in numbers and

  • Yes! It's that boring thing of the former UPDATE new!

    Just updates does not download or installk automatically and when I try to download the updates I get the ERROR 800 80005.  Please someone, what can I do?   (after trying everything suggested in these forums and all about the MS Technet system).Thank