Enjoy Sharing

How to enable BitLocker to prompt for PIN during startup

You can do this after BitLocker has encrypted the entire drive. First you have to enable the local policy to require a PIN during startup. You could also do that centrally enterprise wide through Group Policy (GPO). To do this:-

  • Click Start > Run.
  • Type “gpedit.msc”

image

  • Go to Computer Configuration > Administrative Templates > Windows Components > BitLocker Drive Encryption > Operating System Drives.
  • One the right pane, double-click on Require additional authentication at startup.

image

  • Choose Enabled
  • Uncheck the Allow BitLocker without a compatible TPM
  • Under Configure TPM startup PIN:, choose Require startup PIN with TPM

After all that is done, you need type a few commands to get it going. Here’s how.

  1. Start your command prompt (make sure you run it as an administrator).
  2. Type; “manage-bde -protectors -add c: -TPMAndPIN”.
  3. Then type; “manage-bde -status” to check whether the TPMAndPin protector has been added.

After you’ve done this and still realise you’re not prompted for PIN during startup, you might want to try this. https://weikingteh.wordpress.com/2011/03/17/how-to-get-bitlocker-to-prompt-for-pin-during-startup/

Enjoy!!!

Advertisements

8 responses

  1. Lion Of Judah

    Thank you

    June 22, 2012 at 5:34 am

  2. Great – thanks

    September 6, 2012 at 11:10 pm

  3. Is this only for the boot drive (OS) or also for data drives.

    March 12, 2013 at 1:29 am

  4. Claus

    Thank you from munich

    July 16, 2013 at 7:46 pm

  5. EdTwoOh9

    Thanks!

    If you want to use stronger passwords (allowed to use characters other than and including 0-9):

    Go to Computer Configuration > Administrative Templates > Windows Components > BitLocker Drive Encryption > Operating System Drives.
    On the right pane, double-click on Allow enhanced PINs for startup
    Choose Enabled

    August 17, 2013 at 12:22 am

  6. jeepee

    It worked with Windows 10, thank you so much!

    August 16, 2015 at 9:31 pm

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s