WHY use TPM with bitlocker?

Page 1 of 2 12 LastLast
  1.    #1

    WHY use TPM with bitlocker?


    i still have to understand WHY to use TPM with bitlocker. these are my concerns, i tried to use bitlocker with my tpm but the encryption was "free" without to enter any password at boot. Ok this kind of encryption is useful ONLY IF a thief steal ONLY the hd .... but what if he steal the entire machine? a laptop is easy to steal at 100% (not only the hd).

    IMHO i don't understand why a person should use TPM to automaticallu enter the encryption key to unlock a drive, with virtually " no action required" by the end user.

    i had to follow a guide to set bitlocker to nos ask for tpm and works as if NO TPM is availale. only in that way i can REALLY encrypt the drive ( takes a lot of time) and the pc REALLY ASKS me to enter a password.

    can someone explain my doubts? to me tpm module for bitlocker is 0% useful, like to have NO ENCRYPTION at all, because effectively the end user who sits in front of your pc, automatically decrypt the drive because tpm gives the key..... so it is nonsense for me.
      My ComputerSystem Spec

  2.    #2

    Well most people have a username and password on the computer before it boots up. So if you stole the password, you would have to crack that.
      My ComputerSystem Spec

  3.    #3

    i think you haven't understood my reasoning
      My ComputerSystem Spec

  4. Compumind's Avatar
    Posts : 787
    Windows 10 Pro x64, Various Linux Builds, Internet Security Specialty.
       #4

    Hi there!

    Windows encryption software like BitLocker utilizes the TPM chip to protect all the keys used to encrypt your computer's data.
    After that, it is used to authenticate your (encrypted) computer and gives you access to all the (encrypted) data.
    Therefore, the device trying to access it is identified as being "trusted."

    Hope this helps.
      My ComputerSystem Spec

  5.    #5

    ok but it is USELESS...... if someone steal my whole pc... my laptop, he can read EVERYTHING in it, he does not even know that the drive is protected by bitlocker, because the encryption is clear.... no passwod required, no action required by user to have access to files.

    to me it is USELESS:...
      My ComputerSystem Spec

  6.    #6

    If someone stole your PC then they still wouldn't be able to directly access the drive because they wouldn't be able to login to Windows. However, they could indirectly access it, e.g. if you have a shared network drive or exploitable network service, while the system is sitting at the login screen.

    The TPM does not unlock the drive. It is still Windows that reads the key from the TPM and unlocks the drive. So the thief cannot boot to a different OS or modify the bootloader to bypass Windows.

    If you don't have a Windows password then yes, Bitlocker with no PIN would offer no protection.
      My ComputerSystem Spec

  7.    #7

    PolarNettles said: View Post
    If someone stole your PC then they still wouldn't be able to directly access the drive because they wouldn't be able to login to Windows. However, they could indirectly access it, e.g. if you have a shared network drive or exploitable network service, while the
    If you don't have a Windows password then yes, Bitlocker with no PIN would offer no protection.
    Yeah I said this and he claims I didn't understand his reasoning.
    I don't know why somebody would bitlock their drive, but not use any password for windows login
    You use bitlocker for security, so you should at least be security minded and use a windows password.
    So when you do, if they can't get into your computer because they don't knwo the password, they can't take the drive out and use it in another comptuer, so TPM is not pointless

    But yeah, I don't understand the poster's reasoning
      My ComputerSystem Spec

  8. Compumind's Avatar
    Posts : 787
    Windows 10 Pro x64, Various Linux Builds, Internet Security Specialty.
       #8

    I believe that BitLocker Drive Encryption was cracked long ago.
    Nevertheless, it's free and requires a bit know-how to properly implement, IMO.

    This is a better solution for many of my clients:

    McAfee Endpoint Drive Encryption:

    Drive Encryption | Data Protection Technologies

    Free Trial available.

      My ComputerSystem Spec

  9.    #9

    Compumind said: View Post
    I believe that BitLocker Drive Encryption was cracked long ago.
    Nevertheless, it's free and requires a bit know-how to properly implement, IMO.

    This is a better solution for many of my clients:


    cracked? seems like there was only an issue with SSD's, and only certain ones at that. Which could be fixed by changing to software encryption

    otherwise though bitlocker is pretty easy to turn on in windows 10
      My ComputerSystem Spec

  10. Compumind's Avatar
    Posts : 787
    Windows 10 Pro x64, Various Linux Builds, Internet Security Specialty.
       #10

    Win10Pea said: View Post
    ...Otherwise though bitlocker is pretty easy to turn on in windows 10.
    Yes, but you have to understand it, especially when it comes to attached portable devices. Not rocket science.
    As for it being cracked, it does take quite a bit of knowledge and resources - I remember that from an IT security conference.

    The TPM chip makes it much more difficult.

    Here's something to read...

    How to enable BitLocker encryption without a TPM chip in Windows | Digital Citizen

    FWIW

      My ComputerSystem Spec


 
Page 1 of 2 12 LastLast

Related Threads
Solved Bitlocker in AntiVirus, Firewalls and System Security
Is it possible to use Bitlocker on a single folder? The only option I can see it to lock the entire drive.
Bitlocker in AntiVirus, Firewalls and System Security
Hi I have a links tablet 1020 with windows 10 installed tried to boot up and got a blue screen that says "Bit locker Enter key to get going again" i don't have a bitlocker key Been onto microsoft to try and get one and they say that...
Solved Bitlocker without TPM help in AntiVirus, Firewalls and System Security
Hi all, I've been having a bit of trouble trying to get Bitlocker working on my Dad's laptop. He recently bought a new laptop with Win 7 pro and I upgraded it to Win 10. It all went smoothly except now when I'm trying to get Bitlocker to encrypt...
Solved BitLocker in AntiVirus, Firewalls and System Security
This may sound Odd or maybe I have a memory block, But what is Bit Locker ? Did it com with win.10 And what is it's function I was thinking of Bit Defender Antivirus.But I know thats not it .
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 09:16.
Find Us