Windows 10: Insert USB Storage Media to unlock BitLocker taken away in W10?
Insert USB Storage Media to unlock BitLocker taken away in W10?
I enabled BitLocker and I noticed that the option to save the recovery key to a USB Flash Drive is not there. Instead, there is an option to Save to a File and did let me save it onto a USB stick without issues.
However, in case I get locked out, will BitLocker prompt me to Insert Storage Media like from the image taken from a Windows 7 machine or will I need to go to another PC with my USB stick and write it down manually? And I don't even have a printer to print the key. And I don't want to use a MS account either.
Has this option been taken away from Windows 10?
Please Note: I am indeed running with a TPM.
It is just the same in 7 and 10.
When you turn on bitlocker you get the option to save the recovery key - this is your first picture. For the OS drive you can save it to USB, for external drives you don't get this option. . See BitLocker Recovery Key - Back up in Windows 10 - Windows 10 Forums
This is a 25 long number (saved as a .txt file) you have to type in if something changes in your boot configuration (you change your boot order, upgrade Windows or something). You can save it anywhere (except on your PC if I remember correctly) but it really should not be on a key you keep with your PC as this would make the whole thing pointless.
This is not the same as the file (.bek) which is saved to USB to unlock the drive (like your second picture if asking for). When you define bitlocker you can unlock it with a password, a USB key or both (this is in group policy - see here BitLocker - Turn On or Off for Operating System Drive in Windows 10 - Windows 10 Forums). If you have said you want to use a USB key to unlock the drive you must connect it.
If you get locked out you must manually enter the 25 long digit pin (as you had to in 7). If you have defined as USB key as required to unlock the drive on group policy you must attach the USB containing the correct .bek file to unlock the drive (and also potentially enter your password). If your boot files have changed and you are locked out you would still have to manually enter the recovery key in any case.
If you haven't written down the 25 digit recovery key (or memorized it I suppose) you would need to go to another PC to get it back - either from your USB you saved it to or from your Microsoft Account if you saved it there.
Hope this makes sense.
Can the .bek key be stored on a flash dive with other files? Or does Windows require the .bek key to be the only file on the drive?
Does this literally mean 'external drives' or does in include internal drives that are partitioned to say separate o/s and data?
Yes, you can save it to a flash drive with other stuff on. In fact you can store multiple .bek on the same one if you want (I do).
Anything that isn't the C partition. If you have a D partition on the same physical disk you can save the .bek. Only the C partition you can't.
I just decrypted C today (so I could split it into C and D with Partition Wizard) and then re-encrypted both. The D partition acted just the same a physically separate drive. Sorry for the confusion - I seem to use the words drive / volume / partition interchangeably sometimes.
Thanks for the clarification Ix07
Recently my company provided me with a Windows 10 SOE image as part of a UAT. The image includes Symantec Endpoint Encryption which utilizes Bitlocker for encryption.
I went through all of the motions with the C:\ drive to be...
I'm not even sure how to title this.
I just did a fresh install of Window 10. I do not have a TPM so I setup Require additional authentication at startup. I set up my C: drive with my bitlocker password and rebooted.
When it comes to...
I have 2 storage hdd encrypted w/ bitlocker, in addition to the encrypted OS volume C:.
I activated auto unlock expecting the storage volumes to automatically unlock with the unlocking of C: (I enter the psw during boot since I don't have TPM)....
I've enabled BitLocker (Win 10 Pro) on a Dell laptop Inspiron 5558 and all went well.
BUT.... When I power on the computer the familiar light blue BitLocker screen appears but there is no prompt to enter the key. Just a light blue...
How to Turn On or Off Auto-unlock for BitLocker Drive in Windows 10
BitLocker can encrypt the drive Windows is installed on (the operating system drive) as well as fixed data drives (such as internal hard drives). You can also use BitLocker To Go...