Setup BitLocker Encryption on Windows 10 without TPM

Purpose:

  • This document provides instructions for encrypting Non-Standard Windows 10 computers with without Trusted Platform Module (TPM - integrated security chip) present or enabled, and bypasses the USB flash drive encryption key requirement.
  • BitLocker is a full disk encryption software that comes standard with PCs running Windows 10 Pro or higher.  

Requirements:

  •  Windows 10

Instructions:

If your computer is currently encrypted with SafeBoot or other encryption software, you'll need to decrypt the hard drive before upgrading to Windows 10. Please open a Digital Service Desk ticket for decryption.

  1. From the Metro UI or the search box, type GPEDIT.MSC and press enter
  2. Open Computer Configuration => Administrative Templates => Windows Components => BitLocker Drive Encryption => Operating System Drives. From the right pane double-click "Require additional authentication at startup"

  3. Select Enabled radio button and check the box for "Allow BitLocker without a compatible TPM...". Click OK and close the policy editor.

  4. Right-click your C drive in the Computer folder, click Turn on BitLocker

  5. Select Enter a password

  6. Enter, then reenter your password (at least eight characters or more is recommended). Click Next

  7. Select Save to a file, then insert a USB flash drive to save the Recovery Key. The USB flash drive is NOT required to boot the machine. The Recovery Key is useful in case you forget your encryption password. We Recommend also Printing the key out as well. Click Next.

  8. Select "Encrypt entire drive...", click Next.

  9. Click Continue.

  10. A pop-up on the lower-right a prompt to restart the computer. Restart your PC.

  11. Enter the encryption password created in step six. If you are successful in getting into Windows, you're all set.

 

Related Articles:

 

Go to KB0018615 in the IS Service Desk

Related articles