Tuesday, September 27

BIT LOCKER DRIVE ENCRYPTION IN WINDOWS 7 - TPM BYPASSING



  • THIS DRIVE ENCRYPTION TECHNIQUE IS ONLY FOR ULTIMATE & ENTERPRISE EDITION FOR WINDOWS 7. BUT STILL YOUR SYSTEM REQUIRES TRUSTED PLATFORM MODULE (TPM) FOR ENCRYPTION.
  • A TPM IS A MICROCHIP DESIGNED TO PROVIDE BASIC SECURITY-RELATED FUNCTIONS, PRIMARILY INVOLVING ENCRYPTION KEYS. THE TPM IS USUALLY INSTALLED ON THE MOTHERBOARD OF A COMPUTER OR LAPTOP, AND COMMUNICATES WITH THE REST OF THE SYSTEM USING A HARDWARE BUS.
*************************************************************************************************************************************
  • To encrypt an entire drive, simply right-click on the drive and select Turn on BitLocker from the context menu.
  • A TPM ERROR, if you have a drive that doesn’t have a compatible TMP then you’ll need to use the following steps and have a flash drive.
  • Enter in gpedit.msc in the search box of the Start menu and hit Enter.
  • Under Local Computer Policy navigate to -->


    Computer Configuration \ Administrative Templates \ Windows Components \ Bit Locker Drive Encryption \ Operating System Drives

    and double click on Require additional authentication at startup.
  • Enable the feature and check the box next to Allow BitLocker without a compatible TPMclick Apply and Ok, and close out of Local Group Policy Editor.
  • Go back to the hard drive you want to encrypt and turn on BitLocker. A restart will be required to prepare the disk, and at this point make sure the flash drive is plugged in.
  • After the restart you’re prompted to use the startup key on the flash drive every time you start the computer.
  • Select the drive you want to use to store the key.
  • Again, simply right-click on the drive and select Turn on BitLocker from the context menu.
  • Next you’ll need to choose a secure password that will be used to access the drive.
  • You’re prompted to store the recovery key which is used in the event you lose your password or smartcard. If you store it as a file make sure that it’s not on the same drive that you’re encrypting.
  • Confirm you want the drive to be encrypted then wait until the process is complete. The amount of time it takes will vary based on the size and amount of data on the drive.
  • To access the encrypted drive you’ll need to enter in the password to unlock it.
  • The drive icon will change to show it’s encrypted with BitLocker, where the gold lock indicates it’s locked up and the gray lock is displayed after you have unlocked it.








No comments:

Post a Comment