SEARCH

How-To Geek

How To Use BitLocker on Drives without TPM

BitLocker is an encryption feature available in Ultimate and Enterprise versions of Windows 7 and Vista, but requires a Trusted Platform Module (TPM) on the system. Not all systems include TPM and today we take a look at how to bypass it so you can use BitLocker.

Enable BitLocker

You can use BitLocker to encrypt an entire fixed drive, such as the local drive Windows is installed on or an internal data drive. For removable flash or external USB drives you can use its younger brother, BitLocker To Go. First let’s take a look at how to enable BitLocker on a local hard drive.

To encrypt an entire drive, simply right-click on the drive and select Turn on BitLocker from the context menu.

2-bit

Next you’ll need to choose a secure password that will be used to access the drive.

6-bit

You’re prompted to store the recovery key which is used in the event you lose your password or smartcard. If you store it as a file make sure that it’s not on the same drive that you’re encrypting.

7-bit

Confirm you want the drive to be encrypted then wait until the process is complete. The amount of time it takes will vary based on the size and amount of data on the drive.

6progress

To access the encrypted drive you’ll need to enter in the password to unlock it.

8-bit

The drive icon will change to show it’s encrypted with BitLocker, where the gold lock indicates it’s locked up and the gray lock is displayed after you have unlocked it.

sshot-2009-11-03-[23-02-47] sshot-2009-11-04-[00-22-51]

Use BitLocker on a Drive Without TPM

What happens if you get this goofy error…and what is a TPM anyway? TPM stands for Trusted Platform Module which is a microchip in a computer that supports advanced security features. It’s where BitLocker stores the encryption key. If you have a drive that doesn’t have a compatible TMP then you’ll need to use the following steps and have a flash drive.

1-bit 

Enter in gpedit.msc in the search box of the Start menu and hit Enter.

3-bit

Under Local Computer Policy navigate to Computer Configuration \ Administrative Templates \ Windows Components \ Bit Locker Drive Encryption \ Operating System Drives and double click on Require additional authentication at startup.

5-bit

Enable the feature and check the box next to Allow BitLocker without a compatible TPM, click Apply and Ok, and close out of Local Group Policy Editor.

4-bit 

Go back to the hard drive you want to encrypt and turn on BitLocker. A restart will be required to prepare the disk, and at this point make sure the flash drive is plugged in.

sshot-2009-11-04-[18-55-32]

After the restart you’re prompted to use the startup key on the flash drive every time you start the computer.

sshot-2009-11-04-[18-58-56]

Select the drive you want to use to store the key.

sshot-2009-11-04-[18-59-26]

After that the process is as we showed above. This method may not be as convenient but at least you don’t have to go out and buy a new system that includes a TPM. If you don’t want to deal with this process, read about how to encrypt your driving using TrueCrypt.

Also, you might want to check out our article on using BitLocker To Go for encrypting flash drives.

Lowell Heddings, better known online as the How-To Geek, spends all his free time bringing you fresh geekery on a daily basis. You can follow him on if you'd like.

  • Published 11/9/09

Comments (31)

  1. dinesh

    Awesome article Mystikgeek.

  2. Richard

    You are really just the best with all these tweaks. I was looking for this one last week. Heck you’re the only one that was able to find / provided it me. I was wondering how come I was able to bitlock my d: drive, but not my root c: due to this TPM issue. It baffled me…

    Before I go ahead and encrypt my HD, have you notice a huge hit in FPS for a gaming PC?

    Myself, I’m using win7 ult 64bit, Asus P5k, Q6600, 4Gigs of ram.

    Thanks again for this find & sharing it.

    Cheers

  3. mac

    is there anyway to turn on and off bitlocker to go without restarting the computer? or without logging in and off?

  4. Jon

    Great article on a very useful feature. I’d be curious to see how drive performance is affected by being encrypted.

    I think that TPMs are only on laptops and servers? I’ve seen workstation class motherboards come with a slot for one but never seen the actual TPM included.

  5. Tutang

    Good article. I really like the article step by step like this. Success for you.

  6. William

    Can an SD Card be used instead of a flash drive.

  7. joe

    A case you haven’t covered: preparing the drive yields “bitlocker setup could not find a target system drive – you may need to manually prepare your drive for bitlocker”

  8. MJ

    Outstanding !!!! Worked perfectly !!!!

  9. jaymz

    Works great until you forget the password and realize that you didn’t print out or save the recovery key. Dumb! Dumb! Dumb! Dumb! Definitely an operator error!

  10. Sawan

    Yara I cant open my drive..after i locked it by Bitlocker………….Is there any way to uninstall bitlocker from window…………or is there any way to open my drive…….because when i unlock my drive…….it s not responding…………….plz can any one help

  11. peter

    hi!
    i wanted to encrypt a partition on my computer, not the windows partition, another one, but i’ve cancelled the enrcypting process by mistake and now i can’t access it, i have the password and everything, but when i want to unlock it it says that it cannot be done because of an I/0 error. is there some solution to this, i have important data on the partition. a friend of mine suggested i should try reach the partition from linux. do you think this could work? any help greatly appreciated.
    cheers, peter

  12. Chintan

    i want to use bitlocker without tmp.
    i am follow complete steps, but i saw following error
    bit locker setup could not find a target system drive. You may need to manually prepare your drive for bitlocker.
    pls give me solution….

  13. QBall

    I did everything in the last section, “Use BitLocker on a Drive Without TPM” but I STILL get the following error:

    (X) A compatible Trusted Platform Module (TPM) Security Device must be present on this computer, but
    a TPM was not found. Please contact your system administrator to enable BitLocker.

    I have a 1 Gb flash drive and I can access via explorer, so … wassup with that error still there?

    Thanks! ;)

  14. kenneth

    Hello there. This topic is so good. But im just wondering. You have the key in the removable disk and you checked the box that says you will be requiring to unlock the drive every system start up:

    •My question is, can you use the bitlocked drive even without the removable disk where you put the key?
    •if a drive is bitlocked (encrypted), can i save files in it? can i open it? im sorry. i dont know what encryption is :)

    thank you. im reading alot here at htg

  15. whseto

    If the drive is “bitlocked”, it should be able to open it after the correct password is inputted.
    If you are using XP, get the “bitlocker to go” reader install and the encrypted drive can be used.

    Does anyone know how to backup the TPM file from a standalone machine. I read an article to backup the TPM in a domain but I don’t know how to do it on the standaloine windows 7 machine.

    Thanks

  16. Dr.Zango

    You got love what you do and do what you love. I love people like you who go about solving problems and putting it up online.
    This is truly good. I just installed windows 7 and used the tmp info you shared. It worked.

    I just wanted to ask, my os C drive has used up a lot of space after activating the TMP, is it bcoz it did the partition and is using that space? Kindly lemme know on this.

    Am gonna keep coming here bro. Thanks a bunch.
    a big shout from the land of monkeys

    Dr. Zango

  17. Razak

    Still i was not able to configure mine,am using Vista and am lost

  18. Men Tran

    Snail sloooow encrypting process. What’s a pain on the …ss.
    It took my full 1.5TB HHD 12h to just 25.7% complete, and I’m sitting here praying for…the electrical company.
    It would be about 1 second to encrypt or decrypt with Storage Crypt.

  19. Yuva

    in vista wat is the option for enabiling the bit locker option

  20. Denis

    I have successfully installed bit locker on my SDHC but I cann’t operate once I inserted into my camera, with note from camera that no space. Then I tried to remove my password, and was unsuccessful. Please advice. Thank you and very much appreciated.

  21. HackToHell

    Well it is good to use , but I pefer True Crypt cause it has portability

  22. Cheewii

    Nice article, but it does not open drive! My drive does not display the lock icon, silver nor gold. When I click once, it says at bottom bitlocker status encrypting? help me, I cant access my data.

  23. Amit Kumar

    Good article But I’m unable to open my drive & my removable device icon not display. Plz. Help me.

  24. Amit Kumar

    Locked icon displayed but I’m unable to open my device.

  25. Mike

    We had been using Windows 7 Ultimate’s bitlocker daily and it does not give us any problem
    in term of speed or running any software.

    The problem with bitlocker is that it allows anybody who access to PC to save the Startup Key into any removable disk or you can even copy the Startup Key from one removable disk to another removable disk.

    So far we are using Biocryptodisk and its USB end point solution to protect the Startup Key from being
    duplicated.

  26. RUPINDER

    JKMJGM

  27. Jimmy

    Thank you. This has helped. =)

  28. inchuk choden

    i forgot the pass of the bit locked drive(f) and i dont have the recovery key too, how shall i open the drive?

  29. Abdul Razeq Fakur

    Is there any way to use bit locker for windows 7 professional 64 bit?

  30. rakesh shukla

    when i try to turn on bitlocker then it shows this disc is protected..??

  31. Thuya

    I can’t write gpedit.msc in CMD
    the reply is
    “Windows cannot find ‘gpedit.msc’. Make sure you typed the name correctly, and then try again”
    How can I solve this problem.

Get Free Articles in Your Inbox!

Join 134,000 newsletter readers

Email:

Go check your email!