Listen to a podcast about using BitLocker on a system without TPM with Serdar Yegulalp (6:57).
BitLocker, a function available in Microsoft's Vista Enterprise and Ultimate versions, let you encrypt on a system drive, something that wasn't possible in previous versions of Windows without a third-party product. Typically, in order to use BitLocker, you need a system with Trusted Platform Module (TPM) hardware, version 1.2 or better -- something that a number of PC manufacturers are now starting to supply, albeit at additional cost.
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
But what if you want to use BitLocker on a system that doesn't have a TPM? Most computers -- especially most existing computers -- don't have a TPM, and you can't add a TPM to a computer. It's either part of the system's design or it's not.
Fortunately, Microsoft has built a number of provisions into BitLocker that make it useable on a system that doesn't have a Trusted Platform Module. In this article, I'll walk you through the ways to get BitLocker up and running on a PC that doesn't include a TPM, what you'll need in its absence, what practices you'll have to follow and what you can expect.
Note: Do not perform any of these steps until you've made a full backup of any data on the drive! The process is fairly self-guiding, but it's entirely possible for something to go wrong. If there's anything on the drive that is irreplaceable, back it up before attempting to encrypt the drive.
Use BitLocker on a non-TPM system
Step 1: Know your hardware
Step 2: Configure the drives
Step 3: Edit the local policy
Step 4: Start the BitLocker encryption process
About the author: Serdar Yegulalp is editor of the Windows Power Users Newsletter. Check it out for the latest advice and musings on the world of Windows network administrators -- and please share your thoughts as well!