Difference between revisions of "Bitlocker"
| [quality revision] | [quality revision] |
| Line 48: | Line 48: | ||
If it does, this could indicate a problem with your laptop's configuration that should be addressed by IT support. | If it does, this could indicate a problem with your laptop's configuration that should be addressed by IT support. | ||
| − | Recovery screen instructions | + | ==Recovery screen instructions== |
# Contact DTU Compute IT support from another device or phone. You will be asked for the first 8 characters in the Recovery Key ID shown on the screen and your DTU login name. | # Contact DTU Compute IT support from another device or phone. You will be asked for the first 8 characters in the Recovery Key ID shown on the screen and your DTU login name. | ||
# IT support will retrieve the 48 characters long Recovery key that must be typed into the textbox on the Recovery screen. | # IT support will retrieve the 48 characters long Recovery key that must be typed into the textbox on the Recovery screen. | ||
# You should be able to boot into Windows. Restart the laptop to verify the Bitlocker recovery screen does not occur a second time. | # You should be able to boot into Windows. Restart the laptop to verify the Bitlocker recovery screen does not occur a second time. | ||
| − | In some cases these steps are also needed: | + | * In some cases these steps are also needed: |
# After logon go to Control Panel -> BitLocker Drive Encryption | # After logon go to Control Panel -> BitLocker Drive Encryption | ||
# Click "Suspend protection" option next to the C: drive | # Click "Suspend protection" option next to the C: drive | ||
Revision as of 19:46, 17 February 2021
UNDER CONSTRUCTION
Bitlocker is a Windows feature that encrypts data on all fixed drives (i.e. C:). The encryption protects data from unauthorized access in the events of theft or lost equipment.
Contents
Which computers are Bitlocker encrypted?
Only laptops installed at DTU Compute IT support will have Bitlocker activated. Laptops installed before February XX, 2021 will not have Bitlocker automatically activated.
If "DTU Software Center" is found in the Start menu, it can be activated manually by IT support on request. If it doesn't have "DTU Software Center", the laptop has to be reinstalled before Bitlocker can be activated.
How can I check if Bitlocker is activated?
If Bitlocker encryption has not finished when you receive the laptop from IT support, the encryption should start within 2 hours, but only if if you have logged on while either on campus or connected to DTU network through VPN.
The encryption process begins automatically through an automated network profile update, without the need for user interaction. You should not experience any changes, but you might notice a temporary message either as a popup or in the Message Center.
The encryption does not require the laptop to be connected to the network once it has commenced.
You will be able to work as normally during the Bitlocker encryption. If the laptop is shutdown or goes into sleepmode during the encryption, the process will resume the next time you turn on the laptop and login.
If you are unaware if Bitlocker is already active on your laptop, you can open "This PC" and check for a padlock icon on your C: drive. If present, it indicates that the drive is encrypted.
You can check the status of the encryption process in the Control Panel -> Bitlocker Drive Encryption.
Bitlocker recovery screen
If upon booting your laptop you are prompted with the "Bitlocker recovery" screen and the message "enter the recovery key for this drive" you will need to contact IT support to get your recovery password.
After entering the password, you should be able to boot normally. After booting and logging in, you should restart your computer to verify that the Bitlocker Recovery screen does not occur a second time.
If it does, this could indicate a problem with your laptop's configuration that should be addressed by IT support.
Recovery screen instructions
- Contact DTU Compute IT support from another device or phone. You will be asked for the first 8 characters in the Recovery Key ID shown on the screen and your DTU login name.
- IT support will retrieve the 48 characters long Recovery key that must be typed into the textbox on the Recovery screen.
- You should be able to boot into Windows. Restart the laptop to verify the Bitlocker recovery screen does not occur a second time.
- In some cases these steps are also needed:
- After logon go to Control Panel -> BitLocker Drive Encryption
- Click "Suspend protection" option next to the C: drive
- Click "Yes" to the "Do you want to suspend BitLocker protection?" and now wait a few minutes
- Click the "Resume protection" option to update BitLocker TPM.
What causes Bitlocker to ask for recovery key?
It can be caused by many reasons for example: hardware changes, BIOS changes (i.e. disabling Secure Boot), motherboard replacement, malware attack, hard drive crash, system crash, or the program believes the data might be under attack.
