BitLocker is a full volume encryption feature included with Microsoft Windows versions starting with Windows Vista. It is designed to protect data by providing encryption for entire volumes. By default, it uses the AES encryption algorithm in cipher block chaining or XTS mode with a 128-bit or 256-bit key.
While trying to install Bitlocker Drive Encryption to the C: on my Windows 10 machine.
The following error was prompted as shown in the image below.
Let’s review the key term “TPM” and how to resolve this issue.
Trusted Platform Module (TPM) – This is a chip that resides on newer processors that have additional security features. With TPM, the encryption key is stored on the chip itself.
Note: If your chip does not support TPM, you can still use BitLocker, then you will have to save (store the keys) in a safe location such as Active Directory, Microsft Azure or on a USB stick etc. kindly follow the procedures listed below to resolve this issue.
Launch Group Policy and enable the following exception
- Using your keyboard ''Windows key+R'' or search for "run" - Type: gpedit.msc then hit "ok" or press "Enter" on your keyboard - Expand Administrative Templates then Windows Components - Bitlocker Drive Encryption then - Click Operating System Drives as shown below.
Double click or right-click “Require additional authentication at startup”
click Edit and select enabled as shown below. - Select Enabled and - Check the box to allow BitLocker without compatible TPM in the Options section. Note: Most times this option is selected by default.
The last steps involve enforcing the settings.
From the Start menu - Type run or Press Windows Key + R to launch the run wizard - Type cmd as shown below - gpforce.exe /update and - Press Enter. That is all ;)
I hope you found this blog post helpful. If you have any questions, please let me know in the comment session.