How to Allow Bitlocker without a Trusted Platform Module (TPM) in Windows 7?


Note: To use Bitlocker without a TPM you will need a USB flash drive which will be used to store the recovery key. This USB drive will be needed to be plugged in before you start your PC so that partitions containing the operating systems(s) can be unlocked if you ahve turned on Bitlocker without TPM.


You will first need to set Windows 7 to use Bitlocker without TPM in the following way:

1) Open Local Group Policy Editor and expand the following location in the left pane





Figure 1


2) Double click on the option Require additional authentification at startup in the right pane

3) Select the dot Enabled and check the option Allow Bitlocker without a compatible TPM to allow Bitlocker to run without TPM

OR

To use Bitlocker with only TPM first turn off Bitlocker and then select the dot Not Configured or Disabled.



Figure 2


4) Click OK button

5) Close Local Group Policy Editor

6) Click Start button. Type gpupdate.exe /force in the search space and hit Enter key



Figure 3


7) You will notice a command prompt window about the success message for a brief time.


Important:

If you have allowed Bitlocker to be used without a TPM via above settings then visit the link Turn On or Off Bitlocker Drive Encryption to know how to turn on Bitlocker.

In the above link you will have to save the recovery key in the USB drive instead of a file as shown in step 4.

You will then have to make sure that USB drive is plugged in before every startup of your PC if you have turned on Bitlocker. Otherwise the partitions containing the operating system(s) will not be unlocked.


More Windows 7 articles