If you try to turn BitLocker on for your OS drive in Windows 10 to encrypt the system drive, under certain circumstances you might get the following error message:
This device can’t use a Trusted Platform Module. Your administrator must set the “Allow BitLocker without a compatible TPM” option in the “Require additional authentication at startup” policy for OS volumes.
If you still want to encrypt your OS drive with BitLocker, then there is a way to overcome this problem.
Here are the steps.
Step 1: Press the Windows Key and R to open the “Run” dialog. In the Run dialog, type gpedit.msc and click “OK”.
The above action will open the Local Group Policy Editor.
Step 2: In the Local Group Policy Editor, navigate to “Computer Configuration –> Administrative Templates –> Windows Components –> BitLocker Drive Encryption –> Operating System Drives”, and double-click the “Require additional authentication at startup” policy. In the dialog that pops up, select the “Enabled” option (you will notice that the option “Allow BitLocker without a compatible TPM…” is also checked automatically), then click “Apply” and then “OK”.
Step 3: Start the command prompt as administrator, type the below command and press Enter:
The above command will update the group policy on your PC.
Now, if you try to turn BitLocker on for the Operating System drive you won’t get the “Trusted Platform Module” error anymore.
Advice: Always back up your BitLocker recovery keys in a safe place (not on the same PC that you encrypted) when encrypting your drives, so that you can recover if you forget the password or in a similar situation. Use encryption only if you know what you are doing.
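A read-only PowerShell check for the result of the steps above, added here as an example and not part of the original article: it confirms that the policy reached the registry, reports whether a TPM is present, and lists the key protectors on the OS drive so you can see whether a recovery password exists. The function name Test-BitLockerNoTpmSetup is hypothetical; the registry key shown is where Windows stores BitLocker policy settings. Run it from an elevated PowerShell prompt.

```powershell
# Added example (not from the original article). Read-only; run elevated.
function Test-BitLockerNoTpmSetup {            # hypothetical helper name
    param([string]$MountPoint = $env:SystemDrive)

    # "Require additional authentication at startup" is stored under this key.
    $fveKey = 'HKLM:\SOFTWARE\Policies\Microsoft\FVE'
    $policy = Get-ItemProperty -Path $fveKey -ErrorAction SilentlyContinue
    $policyOk = [bool]($policy -and
                       $policy.UseAdvancedStartup -eq 1 -and
                       $policy.EnableBDEWithNoTPM -eq 1)

    # Get-Tpm can throw on hardware with no TPM driver; treat that as "absent".
    $tpm = try { Get-Tpm -ErrorAction Stop } catch { $null }
    $tpmPresent = [bool]($tpm -and $tpm.TpmPresent)

    # Key protectors on the volume (empty until BitLocker has been turned on).
    $vol = Get-BitLockerVolume -MountPoint $MountPoint -ErrorAction Stop
    $types = @($vol.KeyProtector | Where-Object { $_ } |
               ForEach-Object { "$($_.KeyProtectorType)" })
    $hasRecovery = $types -contains 'RecoveryPassword'

    if (-not $policyOk) {
        Write-Warning 'Policy not in registry yet: repeat Step 2, then refresh Group Policy.'
    }
    if ($types.Count -gt 0 -and -not $hasRecovery) {
        Write-Warning 'No recovery password protector found: add one and store it off this PC.'
    }
    if (-not $tpmPresent -and ($types -contains 'Password')) {
        Write-Warning 'Password-only unlock without a TPM: use a long passphrase.'
    }

    [pscustomobject]@{
        MountPoint              = $vol.MountPoint
        PolicyAllowsNoTpm       = $policyOk
        TpmPresent              = $tpmPresent
        VolumeStatus            = "$($vol.VolumeStatus)"
        ProtectionStatus        = "$($vol.ProtectionStatus)"
        KeyProtectors           = $types -join ', '
        RecoveryPasswordPresent = $hasRecovery
    }
}

Test-BitLockerNoTpmSetup | Format-List
```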
Reference: TechHowTos.com (http://www.techhowtos.com)