BitLocker boot files on usb stick

[Aaron [MCP]]

I would like to use BitLocker in the near future, though I haven't been
able to try it out since my motherboard doesn't contain a TPM chip. At the
moment the only thing I know about BitLocker is what I've read from the
manuals and help files. From what I understand, BitLocker requires two
partitions on a hard drive so that it can store unencrypted boot files on
one partition and encrypted files on the other. Though many motherboards
allow you to boot from a "usb hard drive".

It would be a nice feature in BitLocker if you were allowed to use a USB
stick to store your boot files on while storing encrypted data on a single
partitioned hard drive. This would enhance security since the operating
system would not be able to boot without the thumb drive. Is there any
change for this feature to be included in future versions of BitLocker?

-Aaron [MCP]

 

[AJR]

It is not necessary to have a TPM compatible motherboard - there is an
optional BitLocker procedure in that instance.

BitLocker does not provide booting from USB - the key to permit normal boot
is contained in the USB device.

 

[Aaron [MCP]]

The unencrypted partition is about the size of a normal USB drive, do you
think there would be a problem with it storing boot files onto a USB drive
(along with the backup key) instead of the hard drive? I can see a lot of
advantages to this.

-Aaron

It is not necessary to have a TPM compatible motherboard - there is an
optional BitLocker procedure in that instance.

BitLocker does not provide booting from USB - the key to permit normal
boot is contained in the USB device.

I would like to use BitLocker in the near future, though I haven't
been able to try it out since my motherboard doesn't contain a TPM chip.
At the moment the only thing I know about BitLocker is what I've read
from the manuals and help files. From what I understand, BitLocker
requires two partitions on a hard drive so that it can store unencrypted
boot files on one partition and encrypted files on the other. Though
many motherboards allow you to boot from a "usb hard drive".

It would be a nice feature in BitLocker if you were allowed to use a
USB stick to store your boot files on while storing encrypted data on a
single partitioned hard drive. This would enhance security since the
operating system would not be able to boot without the thumb drive. Is
there any change for this feature to be included in future versions of
BitLocker?

-Aaron [MCP]

 

[Lang Murphy]

I don't understand what you're trying to do but... I don't think you're
going to get Vista to boot from a USB drive... no matter how large...

Lang

The unencrypted partition is about the size of a normal USB drive, do you
think there would be a problem with it storing boot files onto a USB drive
(along with the backup key) instead of the hard drive? I can see a lot of
advantages to this.

-Aaron

It is not necessary to have a TPM compatible motherboard - there is an
optional BitLocker procedure in that instance.

BitLocker does not provide booting from USB - the key to permit normal
boot is contained in the USB device.

I would like to use BitLocker in the near future, though I haven't
been able to try it out since my motherboard doesn't contain a TPM chip.
At the moment the only thing I know about BitLocker is what I've read
from the manuals and help files. From what I understand, BitLocker
requires two partitions on a hard drive so that it can store unencrypted
boot files on one partition and encrypted files on the other. Though
many motherboards allow you to boot from a "usb hard drive".

It would be a nice feature in BitLocker if you were allowed to use a
USB stick to store your boot files on while storing encrypted data on a
single partitioned hard drive. This would enhance security since the
operating system would not be able to boot without the thumb drive. Is
there any change for this feature to be included in future versions of
BitLocker?

-Aaron [MCP]

 

[Dennis Pack]

Aaron:
A valid TPM chip isn't required to use BitLocker. Refer to
http://technet.microsoft.com/en-us/windowsvista/aa905065.aspx for a basic
overview. To setup BitLocker follow the BitLocker step-by-step guide located
at http://technet.microsoft.com/en-us/windowsvista/aa905089.aspx for the
setup with or without a valid TPM chip. Have a great day.