{"id":67052,"date":"2024-11-25T21:21:13","date_gmt":"2024-11-25T20:21:13","guid":{"rendered":"https:\/\/ekiwi-blog.de\/?p=67052"},"modified":"2024-11-27T10:21:48","modified_gmt":"2024-11-27T09:21:48","slug":"bitlocker-configuration-with-boot-pin-usb-drives-do-not-allow-bitlocker-encryption","status":"publish","type":"post","link":"https:\/\/ekiwi-blog.de\/en\/67052\/bitlocker-configuration-with-boot-pin-usb-drives-do-not-allow-bitlocker-encryption\/","title":{"rendered":"BitLocker: Configuration with Boot PIN &#8211; USB drives do not allow BitLocker encryption"},"content":{"rendered":"<p>If you use a boot PIN for additional security with BitLocker, it may happen that USB drives can no longer be encrypted with BitLocker.<\/p>\n<p><!--more--><\/p>\n<p>The TPM protection of BitLocker is convenient but offers possibilities for bypassing. Therefore, there is the option of a PIN, which must be entered at <a href=\"https:\/\/ekiwi-blog.de\/en\/62862\/bitlocker-protection-can-be-bypassed-remedy-with-pin\/\">system startup<\/a>.<\/p>\n<p><iframe loading=\"lazy\" width=\"560\" height=\"315\" src=\"https:\/\/www.youtube.com\/embed\/xQHCyZBvrV4?si=xXvI2XwZmlUJqPNE\" title=\"YouTube video player\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe><\/p>\n<p>Only after entering the PIN will the hard drive is decrypted.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/ekiwi-blog.de\/wp-content\/uploads\/2024\/11\/bitlocker_pin_en_1.png\" alt=\"\" width=\"629\" height=\"218\" class=\"aligncenter size-full wp-image-67036\" srcset=\"https:\/\/ekiwi-blog.de\/wp-content\/uploads\/2024\/11\/bitlocker_pin_en_1.png 629w, https:\/\/ekiwi-blog.de\/wp-content\/uploads\/2024\/11\/bitlocker_pin_en_1-300x104.png 300w\" sizes=\"auto, (max-width: 629px) 100vw, 629px\" \/><\/p>\n<p>However, this method has a disadvantage: it may happen that when attempting to encrypt a USB drive, we are confronted with an error message.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/ekiwi-blog.de\/wp-content\/uploads\/2024\/11\/bitlocker_pin_en_2.png\" alt=\"\" width=\"649\" height=\"263\" class=\"aligncenter size-full wp-image-67040\" srcset=\"https:\/\/ekiwi-blog.de\/wp-content\/uploads\/2024\/11\/bitlocker_pin_en_2.png 649w, https:\/\/ekiwi-blog.de\/wp-content\/uploads\/2024\/11\/bitlocker_pin_en_2-300x122.png 300w\" sizes=\"auto, (max-width: 649px) 100vw, 649px\" \/><\/p>\n<blockquote><p>\n\u274c The Group Policy settings for BitLocker startup options are in conflict and cannot be applied. Contact your system administrator for more information.\n<\/p><\/blockquote>\n<p>The solution is to configure the option &#8220;Allow startup PIN with TPM&#8221; in the group policy editor.<\/p>\n<p>You can find the setting here: Administrative Templates &#8211; Windows Components &#8211; BitLocker Drive Encryption &#8211; Operating System Drives &#8211; Require Additional Authentication at startup.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/ekiwi-blog.de\/wp-content\/uploads\/2024\/11\/bitlocker_pin_en_3.png\" alt=\"\" width=\"524\" height=\"520\" class=\"aligncenter size-full wp-image-67044\" srcset=\"https:\/\/ekiwi-blog.de\/wp-content\/uploads\/2024\/11\/bitlocker_pin_en_3.png 524w, https:\/\/ekiwi-blog.de\/wp-content\/uploads\/2024\/11\/bitlocker_pin_en_3-300x298.png 300w, https:\/\/ekiwi-blog.de\/wp-content\/uploads\/2024\/11\/bitlocker_pin_en_3-150x150.png 150w\" sizes=\"auto, (max-width: 524px) 100vw, 524px\" \/><\/p>\n<p>The boot PIN remains active and must be entered. You should now be able to use BitLocker for USB drives.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/ekiwi-blog.de\/wp-content\/uploads\/2024\/11\/bitlocker_pin_en_4.png\" alt=\"\" width=\"668\" height=\"320\" class=\"aligncenter size-full wp-image-67048\" srcset=\"https:\/\/ekiwi-blog.de\/wp-content\/uploads\/2024\/11\/bitlocker_pin_en_4.png 668w, https:\/\/ekiwi-blog.de\/wp-content\/uploads\/2024\/11\/bitlocker_pin_en_4-300x144.png 300w\" sizes=\"auto, (max-width: 668px) 100vw, 668px\" \/><\/p>","protected":false},"excerpt":{"rendered":"<p>If you use a boot PIN for additional security with BitLocker, it may happen that USB drives can no longer<\/p>\n","protected":false},"author":1,"featured_media":18732,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1555],"tags":[1874,1559,1558],"class_list":["post-67052","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-software-en","tag-bitlocker-en","tag-tutorial-en","tag-windows-en"],"_links":{"self":[{"href":"https:\/\/ekiwi-blog.de\/en\/wp-json\/wp\/v2\/posts\/67052","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ekiwi-blog.de\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ekiwi-blog.de\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ekiwi-blog.de\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/ekiwi-blog.de\/en\/wp-json\/wp\/v2\/comments?post=67052"}],"version-history":[{"count":0,"href":"https:\/\/ekiwi-blog.de\/en\/wp-json\/wp\/v2\/posts\/67052\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ekiwi-blog.de\/en\/wp-json\/wp\/v2\/media\/18732"}],"wp:attachment":[{"href":"https:\/\/ekiwi-blog.de\/en\/wp-json\/wp\/v2\/media?parent=67052"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ekiwi-blog.de\/en\/wp-json\/wp\/v2\/categories?post=67052"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ekiwi-blog.de\/en\/wp-json\/wp\/v2\/tags?post=67052"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}