Bitlocker Question?

Posted: 05-04-2007, 08:29 PM
I have Bitlocker enabled on my TPM laptop. It works great. My question is :
Can I now enable a PIN in addition to the TPM? I have found how to turn it
on via gpedit.msc

If I turn the advanced features on will it go into recovery mode? Or will it
just add the PIN?

Thanks

Bitlocker Question?


Responses to "Bitlocker Question?"

Jesper
Guest
Posts: n/a
 
RE: Bitlocker Question?
Posted: 05-07-2007, 04:30 PM
Yes you can add a PIN now, but you have to do it from the command line. The
tool is called manage-bde.wsf. Here is the syntax you need:
C:\Windows\system32>cscript manage-bde.wsf -protectors -add /?
Microsoft (R) Windows Script Host Version 5.7
Copyright (C) Microsoft Corporation. All rights reserved.

manage-bde -protectors -add Volume
[{-RecoveryPassword|-rp} [NumericalPassword]]
[{-RecoveryKey|-rk} PathToExternalKeyDirectory]
[{-StartupKey|-sk} PathToExternalKeyDirectory]
[-TPM]
[{-TPMAndPIN|-tp} PIN]
[{-TPMAndStartupKey|-tsk} PathToExternalKeyDirectory]
[{-ComputerName|-cn} ComputerName]
[{-?|/?}] [{-Help|-h}]

Description:
Adds key protection methods.

Parameter List:
Volume A drive letter followed by a colon. Example: "C:"
-RecoveryPassword or -rp
Adds a Numerical Password protector.
-RecoveryKey or -rk
Adds an External Key protector for recovery.
-StartupKey or -sk
Adds an External Key protector for startup.
-TPMAndPIN or -tp
Adds a TPM And PIN protector for the OS volume.
-TPMAndStartupKey or -tsk
Adds a TPM And Startup Key protector for the OS volume.
-tpm Adds a TPM protector for the OS volume.
-ComputerName or -cn
Runs on another computer. Examples: "ComputerX", "127.0.0.1"
-? or /? Displays brief help. Example: "-ParameterSet -?"
-Help or -h Displays complete help. Example: "-ParameterSet -h"

Examples:
manage-bde -protectors -add e: -RecoveryPassword
manage-bde -protectors -add e: -rp -rk h:\
manage-bde -protectors -add e: -TPMAndPIN ...

---
Your question may already be answered in Windows Vista Security:
http://www.amazon.com/gp/product/047...otectyourwi-20


"Michael Price" wrote:
> I have Bitlocker enabled on my TPM laptop. It works great. My question is :
> Can I now enable a PIN in addition to the TPM? I have found how to turn it
> on via gpedit.msc
>
> If I turn the advanced features on will it go into recovery mode? Or will it
> just add the PIN?
>
> Thanks
>
 
LinkBack Thread Tools Display Modes
 


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Forum Jump


Similar Threads
Thread Thread Starter Forum Replies Last Post
bitlocker again hermes Windows Vista Security 3 03-03-2007 11:43 PM
BitLocker with TPM+PIN? Matt Wheeler Windows Vista Security 6 11-17-2006 05:30 PM
Bitlocker JoostB Windows Vista 6 10-18-2006 07:09 PM
Bitlocker bug Vipin Windows Vista Security 2 07-21-2006 08:20 PM
BitLocker key change question Dominik Windows Vista Security 5 06-12-2006 10:00 PM