Results 1 to 9 of 9
  1. #1
    5 Star Lounger
    Join Date
    Jul 2001
    Location
    Terneuzen, Netherlands
    Posts
    895
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Bitlocker _ Automatic unlock on other Win7 system??

    So I created a BitLock-ed USB flashdrive on a Win7 Enterprise system. There I enabled the "Automatically unlock on this computer" feature. I'm happy as this makes use of the now encrypted USB flashdrive transparent.
    So now I went home and entered the drive into my Win7 HOME system. Sure it works if I enter my password, however the "Automatically unlock" feature appears greyed out. PLEASE don't tell me this feature only works on enterprise Win7 systems....

  2. #2
    Administrator
    Join Date
    Jun 2010
    Location
    Portugal
    Posts
    12,519
    Thanks
    152
    Thanked 1,398 Times in 1,221 Posts
    BitLocker is only available on Windows Enterprise or Ultimate. Maybe that is the reason for what you are experiencing.

  3. #3
    Plutonium Lounger Medico's Avatar
    Join Date
    Dec 2009
    Location
    USA
    Posts
    12,631
    Thanks
    161
    Thanked 936 Times in 856 Posts
    Ok Jan I won't tell you. I will let MS tell you. Sorry!
    BACKUP...BACKUP...BACKUP
    Have a Great Day! Ted


    Sony Vaio Laptop, 2.53 GHz Duo Core Intel CPU, 8 GB RAM, 320 GB HD
    Win 8 Pro (64 Bit), IE 10 (64 Bit)


    Complete PC Specs: By Speccy

  4. #4
    5 Star Lounger
    Join Date
    Jul 2001
    Location
    Terneuzen, Netherlands
    Posts
    895
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I know BL is only available on Enterprise (that's where I created my encrypted flashdrive). However... it is supported in XP (but limited) and it is fully supported on Win7 (any version). So indeed it works on my Win 7 here as well. The onlything I want to know is if the auto unlock feature is exclusive for enterprise systems...

  5. #5
    Plutonium Lounger Medico's Avatar
    Join Date
    Dec 2009
    Location
    USA
    Posts
    12,631
    Thanks
    161
    Thanked 936 Times in 856 Posts
    If I scan down this MS site I see the following: This is a fairly extensive description from MS Technet, contains a lot of info.


    Can I access my BitLocker-protected drive if I insert the hard disk into a different computer?
    Yes, if the drive is a data drive, you can unlock it from the BitLocker Drive Encryption Control Panel item just as you would any other data drive by using a password or smart card. If the data drive was configured for automatic unlock only, you will have to unlock it by using the recovery key. If it is an operating system drive mounted on another computer running Windows 7, the encrypted hard disk can be unlocked by a data recovery agent if one was configured or it can be unlocked by using the recovery key.

    I guess both Rui and I misunderstood your question.
    Last edited by Medico; 2011-08-10 at 15:08.
    BACKUP...BACKUP...BACKUP
    Have a Great Day! Ted


    Sony Vaio Laptop, 2.53 GHz Duo Core Intel CPU, 8 GB RAM, 320 GB HD
    Win 8 Pro (64 Bit), IE 10 (64 Bit)


    Complete PC Specs: By Speccy

  6. #6
    5 Star Lounger
    Join Date
    Jul 2001
    Location
    Terneuzen, Netherlands
    Posts
    895
    Thanks
    0
    Thanked 0 Times in 0 Posts
    No (sorry), I explicitly mentioned in my original post "USB flashdrive"! Therefore this means we are talking NOT about the 'normal' BitLocker but about "Bitlocker - To - Go" !! From your same article I read this:

    BitLocker To Go
    What is BitLocker To Go?
    BitLocker To Go is BitLocker Drive Encryption on removable data drives. This includes the encryption of USB flash drives, SD cards, external hard disk drives, and other drives formatted by using the NTFS, FAT16, FAT32, or exFAT file systems.

    How can I authenticate or unlock my removable data drive?
    In Windows 7, you can unlock removable data drives by using a password or a smart card. After you've started encryption, the drive can also be automatically unlocked on a specific computer for a specific user account. System administrators can configure which options are available for users, as well as password complexity and minimum length requirements.

    So I do not see that the "automatically unlocked" is unique for non Enterprise systems... Still... it doesn't seem to be enabled on my Win7 system...

  7. #7
    Administrator
    Join Date
    Mar 2001
    Location
    St Louis, Missouri, USA
    Posts
    23,594
    Thanks
    5
    Thanked 1,059 Times in 928 Posts
    In the Technet article to which Ted linked:

    "Automatic unlock. Fixed data drives can be set to automatically unlock on a computer where the operating system drive is encrypted. Removable data drives can be set to automatically unlock on a computer running Windows 7 after the password or smart card is initially used to unlock the drive. However, removable data drives must always have either a password or smart card unlock method in addition to the automatic unlock method."

    Also:
    "What is BitLocker To Go?
    BitLocker To Go is BitLocker Drive Encryption on removable data drives. This includes the encryption of USB flash drives, SD cards, external hard disk drives, and other drives formatted by using the NTFS, FAT16, FAT32, or exFAT file systems.


    How can I authenticate or unlock my removable data drive?

    In Windows 7, you can unlock removable data drives by using a password or a smart card. After you've started encryption, the drive can also be automatically unlocked on a specific computer for a specific user account. System administrators can configure which options are available for users, as well as password complexity and minimum length requirements."

    And last:

    "Why am I unable to automatically unlock my drive?
    Automatic unlocking for fixed data drives requires that the operating system drive also be protected by BitLocker. If you are using a computer that does not have a BitLocker-protected operating system drive, the drive cannot be automatically unlocked. For removable data drives, you can add automatic unlocking by right-clicking the drive in Windows Explorer and clicking Manage BitLocker. You will still be able to use the password or smart card credentials you supplied when you turned on BitLocker to unlock the removable drive on other computers. "

    NOTE: the last quote implies that automatic unlocking is only available on the computer where the drive was originally encrypted.

    Joe

  8. #8
    5 Star Lounger
    Join Date
    Jul 2001
    Location
    Terneuzen, Netherlands
    Posts
    895
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by JoeP517 View Post
    In the Technet article to which Ted linked:

    For removable data drives, you can add automatic unlocking by right-clicking the drive in Windows Explorer and clicking Manage BitLocker. You will still be able to use the password or smart card credentials you supplied when you turned on BitLocker to unlock the removable drive on other computers. "

    NOTE: the last quote implies that automatic unlocking is only available on the computer where the drive was originally encrypted.

    Joe
    It looks like you're right but it's rather hidden... I DID enable "automatic unlocking by right-clicking the drive in Windows Explorer and clicking Manage BitLocker. " But on another Win7 system that doesn't help me... boo! Seems soo easy... make me enter the password once and then store it encrypted in the same way as on the original system... As I can READ & WRITE Bitlocker encrypted flashdrives, I should also be able to store the password encrypted I would think... Maybe I shouldn't think

  9. #9
    Administrator
    Join Date
    Mar 2001
    Location
    St Louis, Missouri, USA
    Posts
    23,594
    Thanks
    5
    Thanked 1,059 Times in 928 Posts
    Quote Originally Posted by ErikJan View Post
    It looks like you're right but it's rather hidden... I DID enable "automatic unlocking by right-clicking the drive in Windows Explorer and clicking Manage BitLocker. " But on another Win7 system that doesn't help me... boo! Seems soo easy... make me enter the password once and then store it encrypted in the same way as on the original system... As I can READ & WRITE Bitlocker encrypted flashdrives, I should also be able to store the password encrypted I would think... Maybe I shouldn't think
    It seems simple but maybe the problem is that the underlying BitLocker software for managing the secure passwords is not installed on the lower level SKUs. Microsoft is trying to give you the incentive to purchase a higher level SKU.

    Joe

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •