Ureader.com  
Microsoft software help and Community
   home   |   control panel login   |   archive   |  
 
Vista
admin account
file management
games
general
hardware assessment
hardware devices
installation
mail
multimedia
networking sharing
performance
print_fax_scan
security
  
 
date: Fri, 12 Sep 2008 11:30:06 -0700,    group: microsoft.public.windows.vista.security        back       


BitLocker confusion    
I apoligize if this question has been asked, but I didn't see it when I 
searched the forum and elsewhere on the web.

I have a laptop that I have been considering Whole Drive Encryption on for a 
while. 

The options that I am aware of are PGP Whole Drive Encryption, TrueCrypt, 
and BitLocker. 

I have Vista Ultimate and BitLocker is one of the big reasons I got 
Ultimate, but BitLocker doesn't seem to be as straight forward as some of the 
other options which is irratating.

My laptop does not have a TPM chip. From what I have read, this means that 
to use BitLocker I must use a USB drive to store the key.

Before I go any further down this road, I have no idea if my laptop's BIOS 
supports a USB drive pre-boot.

In addition, the BitLocker driver preperation tool was unable to create a 
partition for BitLocker. I'm not sure why, but my first thought is that it 
wants to move the paging and hybernate files and can't. There is a long set 
of instructions that I found where you can "try" to work around this with no 
garuntee that it will work.

So... Before I try to go that route I was wondering if anyone could answer 
some questions about BitLocker so I know if it is really what I want.

In all of the instructions that I read on how to install BitLocker without a 
TPM, the instructions always state that you plug your usb key in, boot the 
system, and Vista comes up. There is never a mention of a password. Is this 
correct? If so, all someone would need to gain access to the laptop would be 
the USB key. This sounds unsecure to me. If my laptop was stolen there is a 
very good chance the USB key would be with it. I can try to take it with me 
whenever possible, but that isn't always practical or likely. Its not like a 
car key that I can stick in my pocket every time I get out of the car.

Is there any way to use BitLocker without a TPM that utilizes a password? I 
know there is the recovery password, but a 48 digit random code isn't easy to 
memorize either.

My preference would be to use BitLocker since I already bought it.

PGP looks like a good option, but its a couple hundred dollars I think.

TrueCrypt is free, but I'm a little nervouse about using a free product to 
encrypt my entire hard drive. Maybe I shouldn't be biased, but if something 
goes wrong with this it will be painful to recover. I have used TrueCrypt to 
create encrypted volumes before and it works well but is a hassle to mount 
and unmount them all the time.
date: Fri, 12 Sep 2008 11:30:06 -0700   author:   ormico

Google
 
Web ureader.com


    COPYRIGHT 2007, YARDI TECHNOLOGY LIMITED, ALL RIGHT RESERVE  |   contact us