Can I Do This With BitLocker and Windows 10, version 21H1?
TL;DR I thought I could easily turn on BitLocker on both of my two bootable Win 10 internal hard drives just as simply as I was able to do so with my half dozen plus external USB drives that I am able to unlock with a password. I ended up borking one of the drives and had to format and reinstall from an image.
I then came across this post which I believe answered my question why I was running into difficulties.
Is it possible to have Windows 10 dual boot and BitLocker encrypted partitions? - Super User
The answer given was "The problem you are running into is likely due to how Windows stores the key to unlock the partition in your platform TPM. When you activate BitLocker using a TPM, Windows clears the TPM and installs a fresh key for use with the encryption. This is why you lose access to your first install. You can have multiple TPM devices (one provided by the CPU and one provided by a discrete TPM chip) but only one may be active in UEFI at a time. Changing the active TPM would invalidate secure boot. So even that is not a solution. The only way to have what you want is to make one of the BitLocker deployments ignore the TPM. You can control this using group policy. It will be less secure because you will have to store the key in plain text on a USB drive. For this reason you should use a different PIN for each of the two partitions."
Unfortunately this solution appears to be well above my expertise unless someone can ELI5 the exact steps 1. and then 2. and... that I should take in order to accomplish this without screwing things up.
So I am now willing to forgo having two Win 10 bootable hard drives with BitLocker on each of them, and now I want to have BitLocker enabled just on my "C" drive and turn my "D" drive into a data drive. If I do that, can I expect my "D" drive, when I format it and turn BitLocker on, to act just like my Bitlocked external USB drives? That is, when enabling BitLocker on my now systemless data "D" drive, will I be given the opportunity to unlock "D" with just a password when I boot from "C"?
And then I want to enable BitLocker on my "C" drive, but during the initial BitLocker setup process it's a must that I be presented with the option to unlock my "C" drive with a password and not the key that I saved. It would be just so much easier this way for me. I am unconcerned with using my 2.0 TPM device.
If I have been able to make my intentions clear, any and all comments and instructions would be appreciated. TIA.
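
The setup described in the post (password-unlocked data drive "D", password-unlocked system drive "C" with the TPM ignored), sketched as an added example that is not part of the original post or of the quoted Super User answer. It assumes an elevated PowerShell session on a Windows 10 edition that ships the BitLocker cmdlets, that no other policy blocks password protectors, and that the two registry values are the local equivalent of the "Require additional authentication at startup" policy with "Allow BitLocker without a compatible TPM" ticked.

```powershell
#Requires -RunAsAdministrator
# Added example. Drive letters C: and D: come from the post; everything else is an assumption.

function Add-RecoveryPassword {
    param([string]$MountPoint)
    # Create the 48-digit recovery password BEFORE encrypting, so a forgotten
    # password or a failed boot does not end in a reformat.
    Add-BitLockerKeyProtector -MountPoint $MountPoint -RecoveryPasswordProtector | Out-Null
    (Get-BitLockerVolume -MountPoint $MountPoint).KeyProtector |
        Where-Object KeyProtectorType -eq 'RecoveryPassword' |
        Select-Object KeyProtectorId, RecoveryPassword
}

# --- 1. Data drive D: behaves like a password-unlocked external drive ---------
Add-RecoveryPassword -MountPoint 'D:'      # write this down / store it off the machine
$dataPw = Read-Host -AsSecureString -Prompt 'New password for D:'
Enable-BitLocker -MountPoint 'D:' -PasswordProtector -Password $dataPw

# --- 2. System drive C: password at boot, TPM not used ------------------------
# Policy: allow BitLocker on the OS drive without a TPM protector.
$fve = 'HKLM:\SOFTWARE\Policies\Microsoft\FVE'
if (-not (Test-Path $fve)) { New-Item -Path $fve | Out-Null }
Set-ItemProperty -Path $fve -Name UseAdvancedStartup -Value 1 -Type DWord
Set-ItemProperty -Path $fve -Name EnableBDEWithNoTPM -Value 1 -Type DWord

Add-RecoveryPassword -MountPoint 'C:'      # again: record it before going further
$osPw = Read-Host -AsSecureString -Prompt 'New boot password for C:'
# Without -SkipHardwareTest, encryption of C: starts only after a reboot in which
# the password prompt has been shown to work.
Enable-BitLocker -MountPoint 'C:' -PasswordProtector -Password $osPw

# --- 3. Verify what actually protects each volume -----------------------------
Get-BitLockerVolume -MountPoint 'C:', 'D:' | ForEach-Object {
    [pscustomobject]@{
        MountPoint = $_.MountPoint
        Status     = $_.VolumeStatus
        Protection = $_.ProtectionStatus
        Protectors = ($_.KeyProtector.KeyProtectorType -join ', ')
    }
}
```

Each volume should list `Password` and `RecoveryPassword` as its protectors once the commands have run; a `Tpm` entry on C: would mean the drive is still bound to the TPM rather than to the boot password.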