Vista without TPM chip support, enable BitLocker encryption via USB move disk

BitLocker is a hardware encryption technology for Vista, combining the TPM (Trusted Platform module Trust platform modules) on the motherboard to encrypt the entire disk or a volume, not as NTFS EFS works at the file system level. Instead, work at the bottom of the disk and start working when the system starts.

The Vista Home & Business Edition does not support BitLocker technology, the Enterprise version is supported only after joining the domain, only the flagship version fully supports BitLocker, because BitLocker stores its own encryption & decryption key on a hardware other than the hard drive. Therefore need hardware support: Motherboard TPM chip support, or USB mobile storage devices (such as USB disk, the system needs to support USB boot)

Vista release time is not long, so support TPM1.2 security chip motherboard is not much, to enable Bitlocker on the machine without TPM chip, we can use the USB disk instead, the following steps:

1:gpedit.msc-"Computer Configuration-Administrative Templates-windows components-bitlocker Drive Encryption", double-click Control Panel Settings-enable advanced startup options-Select enabled, the following "Allow BitLocker when there is no compatible TPM" is automatically ticked, Determine application

2: Open the "Configure encryption Method" property, select the encryption method, the default is "containing diffuser AES 128-bit"

3: Open "Control Panel-Security", select "BitLocker Drive Encryption", "Enable BitLocker", choose "require a USB password to start every time" to store the relevant encryption key in the USB disk

4: The system requires a BitLocker system check to run after the password has been successfully saved, and it is recommended that you do not skip this step, for BitLocker to read the recovery & encryption key correctly before encrypting it.

5: On the operation, Vista will automatically encrypt the system in the partition, and the system tray in the lower right corner will display state information, the overall time required depends on the size of the partition and computer processing capacity, after the encryption will restart, so the system under the BitLocker protection.

6: After each boot, must be inserted into the USB disk to improve the system, so be sure to keep a good USB disk, so as to avoid loss of data loss, to turn off BitLocker, into the "Control Panel-Secure-bitlocker Drive Encryption-off BitLocker", according to the prompts to close or disable .

Note: The General people do not recommend to enable BitLocker, easy to "prevent a thief is not a reverse eclipse of a meter", only involved very important confidential data, only recommend the use of this encryption method