Subscribe to Make Magazine Today!

BitLocker 000-Bitlocker Drive Encryption.png
Vista’s BitLocker drive encryption is available in the Ultimate and Enterprise editions. To use it, you’ll need a computer with a supported Trusted Platform Module (TPM), but even if you have one, it may not be enabled properly in your computer (in which case, you’ll be waiting on your PC or motherboard vendor to update the BIOS).

You may remember some talk about Vista allowing you to use a USB flash drive on systems that don’t have a TPM. It’s possible, but you need to dig up an obscure setting to turn it on.The first thing you need to do is modify your drive partitions to support BitLocker. Until about a week ago, this was a massive hassle: you’d need to re-partition and install from scratch. Fortunately, MIcrosoft has released a Windows Ultimate Extra (available through Windows Update) that will prepare your drive for BitLocker without repartitioning:

Bitlocker 001-Install Bitlocker Enhancements.png

After you’ve installed it, open the Start Menu, and choose Programs->Accessories->System Tools->BitLocker->BitLocker Drive Preparation Tool. Follow the instructions (including the warning about backups), and prepare your drive. After it finishes, you’ll need to reboot, and you’ll find that the BitLocker control panel still isn’t ready to cooperate:

BitLocker 006-still need a TPM.png

To sort it out, you need to run the Group Policy Object Editor (open the Start menu, type gpedit.msc into the search field, and press enter. You can also launch gpedit.msc from the Run dialog or command prompt). Once you get into the Group Policy Object Editor, drill down to Local Computer Policy->Computer Configuration->Administrative Templates->Windows Components->BitLocker Drive Encryption. In the right-hand pane, double-click on Control Panel Setup: Enable advanced startup options. In the dialog that appears, enable this option, then press OK and close the Group Policy Object Editor:

BitLocker 009-Enabled advanced options.png

Run the command gpupdate /force from the command prompt, search box, or start menu (you might need to launch the command prompt with Admin privileges, which means you need to find Command Prompt in the Start menu, right-click it, and choose Run as Administrator). After gpupdate runs, close the control panel and open it again to the BitLocker options, and with any luck, you should be able to configure BitLocker:

BitLocker is a go.png

Brian Jepson

I’m a tinkerer and finally reached the point where I fix more things than I break. When I’m not tinkering, I’m probably editing a book for Maker Media.

blog comments powered by Disqus

Related Supplies at Maker Shed


Get every new post delivered to your Inbox.

Join 29,174 other followers