Another situation of Bit Locker not allowing access to the encrypted drive on boot up is a BIOS upgrade of a new machine by the manufacture after the Bit Locker encryption took place. The TPM (Trusted Platform Module) stores the Bit Locker key configuration of the encrypted drive. it's a separate chip on the motherboard. Though the TPM 2.0 standard allows manufacturers like Intel or AMD to build the TPM capability into their chipsets rather than requiring a separate chip. If the data on the TPM (e.g. a bios upgrade) does not match the key data on the encrypted drive, you better have your Bit Locker key handy or you're screwed.

Don't just save your Bitlocker keys on a thumb drive. *PRINT* your keys and include comments about what each key is for. Store the paperwork securely.

@portman8909

4 ай бұрын

Printed, on a mobile device, and saved to usb ideally

Thank you for this video! I've also always avoided BitLocker like the plague, not trusting that Microsoft wouldn't mess something up, lose my key, and leave me whistling in the dark to get my data back. Not happy that now they're trying to force BitLocker encryption on all Windows systems, which just seems unnecessarily stupid for anything other than easily stolen laptops.

Hi Leo.. I almost decided to turn on Bitlocker… then learned of the issue with SSD drive slowdowns with Windows 11. I’d love to hear your take on this problem?

I've used Bitlocker for several years now. Works great!

@monza8844

4 ай бұрын

Works great.... until you have issues.

@cadelepski5161

4 ай бұрын

@@monza8844 Like everything else...ever. Like I said, several years and no issues. To me, that's working great.

I would do all three. Save to Microsoft account if you have one in use. Save the file to an external drive, and make sure it's backed up to several other drives as USB or SD cards or whatever are cheap. And 3rd, print out a few copies to keep a copy and maybe give a copy to a relative or keep in your car or something.

When someones steals my computer tpm+pin is there an way to decrypt it? Or is it 100% safe? I mean no one can bruteforce an long pin

Thanks, I've been thinking about trying Bitlocker for some time, this helps alleviate some of my trepidation!

@SpiritintheSky.

7 ай бұрын

I'm pleased to learn that it has alleviated your trepidation. However, it has increased mine.

I believe you can buy SSD drives that are self incrypting, i.e. hardware encrypting. So may be a better way of doing it than via software. I have used Veracrypt a few times in the past when I went on vacation and brought my laptop with me. Though in that instance, I also loaded a new install of the OS on a spare drive and only loaded files that I may have needed access to while on vacation instead of using my main drive at the time that was loaded with all of my docs/pics, etc. Just in case it got stolen.

@0:20 "...in every edition of Windows, other than Home." The "Home" addition does have BitLocker (in a way). It is not enabled. If you were to enter a "Pro" license key, BitLocker would become enabled, and nothing BitLocker related gets installed (it was already there). Windows does this with other tools, such as Remote Desktop. Only Pro and above can act as the server. But Home versions of Windows can start the Remote Desktop client and connect to a Windows machine running the Server end of Remote Desktop. Back to BitLocker... If someone hands you a USB drive that is BitLocker encrypted, your Home version will be able to decrypt it, the same as Pro.

@Dafoosa2

4 ай бұрын

Update: 2024: Windows 11 Home version will now automatically enable bitlocker on internal drives if you log into a microsoft account on a modern device. Ref: kzread.info/dash/bejne/o6Kl0Kuud6jUeJM.html I can personally confirm this, as I bought a windows surface pro 8 last year with Windows Home and bitlocker is turned on on C: drive. Whats bad, is I didnt know it was on, but got lucky and noticed and have now made a backup of my c drive recovery key

i saved the code for my combination lock on my computer before loading a corrupted world and i had bitlocker enabled and now I can’t open the combination lock

One thing I recently encountered on a bit-locked drive, I couldn't clone it. Only after turning off bitlocker could I clone drive (Win10).

@electrocat9

11 ай бұрын

logic if you try clone with windows

@340dave

11 ай бұрын

@@electrocat9 Not cloning with windows, using Acronis or AOMEi (Windows versions though..)

If you make an image backup of a Bitlocker encripted drive; if you have to boot from it, can you? or do you need the recovery key?

@askleonotenboom

11 ай бұрын

Generally you cannot boot from image backups - you need to restore them first. As to whether or not the key is needed depends on exactly how the backup was created and what tool was used.

@jamesedwards3923

4 ай бұрын

Saving a single copy of all your important data. To a boot drive. For long term storage. A horrible idea. Your OS drive. Should never be a permanent long term storage unit.

Question: does veracrypt need to be installed on a computer in order to make a veracrypt encrypted file accesable? Thanks for the video

@askleonotenboom

2 ай бұрын

I believe so, yes.

@johnpalma7265

2 ай бұрын

@@askleonotenboom o.k. Thanks again.

According to TomsHardware, BitLocker slows down SSD by up to 45%.

@askleonotenboom

Ай бұрын

Any chance you can provide a link? I'd love to confirm that. Fascinating if true, I was under the impression performance impact was negligible.

Leo the warning came too late to save me from Bitlocker being on by default. Encrypted into a corner describes it well. I ended up in frustration wiping everything and re-installing. I have Bitlocker turned off since then. This seems to me best described as a malicious booby trap in Windows waiting to ensnare the unwitting like me. Why is it on by default?

@askleonotenboom

11 ай бұрын

"For your protection" I would assume. It's totally safe AS LONG AS you back up the recovery key.

@sirensatnight4463

Ай бұрын

@@askleonotenboom This is not true. If you use Bitlocker and update your drivers, and then the computer won't boot, Bitlocker won't save you either. You should NEVER use Bitlocker under any circumstances. It is a bomb which can and will go off, destroying your data and hard drive. I know. I've dealt with this many times with clients who accidentally turned it on when they bought the computer, not knowing any better. Some day though, we find out that they didn't save the key, and they did somehow get themselves into a mess. Bitlocker is a horrible thing. Don't do it. Learn how to remove it so ignorant users don't accidentally screw themselves up. What an awful thing Microsoft has done here. If you need encryption, why is that? Find some other way, don't allow Microsoft to turn on anything that you are not sure of. They will screw you, for sure. Dang, Stop this, Microsoft. We don't want you to make something that people can accidentally enable and destroy their ability to get back into their computer and data.

Is your file data available if you share to another person or device?

@askleonotenboom

11 ай бұрын

I'd need more specifics. Of course something you share with someone else makes that available to them, so I'm certain I'm not understanding the question.

Hi, Does Macrium back up the data unencrypted? I am 99% sure that it does but want to ask you to be 100%. Thank You! 🤔

@askleonotenboom

5 ай бұрын

It does by default. You can password protect a backup, which encrypts it.

Is bitlocker about physical theft of drives only? If there is no threat of that can it be disabled?

@askleonotenboom

4 ай бұрын

Mostly physical theft or access yes. I consider it important for mobile computers, and optional for desktop/stationary depending on their environment.

What are you talking about. I've been using bitlocker encrypted drive after new windows setup and on other computer

And here I struggle with eh idea that I even need to have a Microsoft account... I admit I did not finish the video as the first half had nothing new or helpful. Its simply reading the bitlocker instructions...

BitLocker Encryption is not listed in Control Panel on Windows 11 Home Edition, Leo. What should i do now?

@pao_jacare

2 ай бұрын

It's only available on pro edition.

@robertagallant3819

2 ай бұрын

Thank you for letting me know that the BitLocker Encryption is available on Windows Pro Edition.

For the only time, find myself out of my depth with one of your admirable videos. It doesn't help that you begin with using BL before you've checked whether or not it has already been set by Microsoft and there is some sort of Key or password - confusing - to be found somewhere. (For information, I'd already tried another video and had to give up.) I'll have to persist somehow to protect myself against BL already running in situ, or suddenly find myself like the very unfortunate "spambedam" below.

@SpiritintheSky.

7 ай бұрын

Further to my comments two days ago, I've followed the video's advice to see if BL is on or not. But my Win 11 laptop, fully up to date, as of 17.11.23 / 11.17.23, displays neither "Manage BL" nor the ability to turn off BL (if "on"!) under Show More Options. Perhaps it's "off" and therefore no mention of BL is necessary?

What happens if the owner of the computer is not tech-savvy, has never saved the recovery key, and now she is unable to log into the computer?

@frankdaeran352

25 күн бұрын

That's a perfect example of Bitlocker doing it's job. If it were that easy to recover, then it would be pointless to use any encryption.

@tonytech5520

25 күн бұрын

@@frankdaeran352 My question is not if it is easy to recover; my question is, is it possible to recover without wiping out the disk?

im on windows 10 home so i dont have or use that

@NativeVsColonial

11 ай бұрын

Same 😂

I must have a boring life I can't think of a reason I need this.

@jamesedwards3923

4 ай бұрын

That is exactly the wrong thought process. If you keep information. Important to anything thief. It needs to be protected.

@portman8909

4 ай бұрын

It's default on mobile devices and should be default on any desktops or laptops. There's no noticeable performance impact. My applications and games run smooth as before.@@jamesedwards3923

Never had to use it , i do not store photos etc , i use it as a gaming machine nothing more nothing less , if i want to use it for bank etc i use another pc that no one can use , but i have just noticed a bios flash update for the motherboard needs bitlocker turned on , that is not what i am happy about , It should be of choice to use it or not and not forced to use it . So it looks like i will buy a fresh drive specifically for it .

@paijokotak6996

4 ай бұрын

I eccounter big problem because of it 😢

@XENONEOMORPH1979

4 ай бұрын

@@paijokotak6996 what encounter would that be ?

I avoid BitLocker totally. And also Windows. After decades of Microsoft, starting before MS Windows, I got fed up with it, and moved from Windows to Linux Mint 26 months ago. Don't miss Windows at all, and am not going back. Windows Shows Us How NOT To Encrypt Our Drives kzread.info/dash/bejne/fH2dw5qBmsKZpKg.html

I will never buy Windows computer again, moving to Mac, less hassle

Bit locker encryption sounds like a great option yet it's another poor Microsoft implementation. It's basically an inconvenience for someone that wants to get your data off of your Windows computer. If you forget your PIN, a lot of times there is a link that will have Microsoft send a recovery code to your phone. (That's pretty damn insecure). There are also multiple attacks known against the TPM directly which can obtain your encrypted data. There are multiple other ways that an attacker can obtain your "encrypted" data in bitlocker. Obviously, if you are using Windows, security is not your top concern, but be aware.

@portman8909

4 ай бұрын

Again that is the point. You don't want your drive easily accessible. Either pin code or recovery key. If you lose both, then that's your fault. Bitlocker is to prevent on site data stealing while the drive is locked. It doesn't do anything to prevent hacking because the Bitlocker is unlocked when you sign in obviously. There is no TPM hack for CPU integrated TPM. That trick only worked for dedicated TPM modules by jumping it with a tool.

The following error is preventing bitlocker: failed to open the bitlocker control panel tool: error code 0x80004005 How do I fix this?