New
#1
Enforcing Bitlocker to ask for a password at boot
Still trying to figure this out.
On my last installation the machine (with no TPM) was secured with bitlocker (software encryption) and this I was able to select to enter a key at boot rather than using a key on a USB flash drive. And I don't remember having to think too hard about it.
On my new machine which has a TPM enabled I am struggling to replicate this.
I have looked at GP Editor a number of times to try to work it out. I have just realised that configuring 'Configure use of passwords for fixed data drives' is not what I want. From GPEditor: "Note: These settings are enforced when turning on BitLocker, not when unlocking a volume. BitLocker will allow unlocking a drive with any of the protectors available on the drive."
Does anyone know if this is something that can still be done on the latest version of Windows (21H2) and if so, how to do it?
Maybe bitlocker requires the authentication method to be selected after encrypting the drive? The dialogue also said that the machine would restart and check that the recovery key worked before encrypting, but that did not happen either. Does that happen after the drive encryption process is finished and before encryption is applied?
Thanks for any help with this.