1.Yes
2.Yes
3.It is up to you, I don’t use BitLocker to replace hardware excryption
4.Yes, a TPM isn’t something you have to think about much. Your computer either has a TPM or it doesn’t — and modern computers generally will. Encryption tools like Microsoft’s BitLocker and “device encryption” automatically use a TPM to transparently encrypt your files. That’s better than not using any encryption at all, and it’s better than simply storing the encryption keys on the disk, as Microsoft’s EFS (Encrypting File System) does.
Reference
BitLocker Frequently Asked Questions (FAQ)
https://video2.skills-academy.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/hh831507(v=ws.11)
Bitlocker questions.
Hello!
I'm new in the Bitlocker Encryption.
Have a few questions:
Is there have any difference when you encrypt external (flash drive or HDD) with no OS when you use TPM or Not TPM Device?
How can I set up BitLocker to be 256 bits?
Is it better to stop SSD Hardware encryption and to use BitLocker software?
For Hard Drives without, OS is there has any difference between TPM and without TPM module encryption?
Thank you in advance.
-
Teemo Tang 11,396 Reputation points
2020-07-20T07:25:25.643+00:00
6 additional answers
Sort by: Most helpful
-
T. Kujala 8,711 Reputation points
2020-07-18T06:48:26.223+00:00 TPM “Trusted Platform Module” is a chip on your computer’s motherboard.
TPM with BitLocker provides more security.
So, you can use BitLocker on an operating system drive without a TPM.
I think this article gives you a good overview of BitLocker.
You can discuss about BitLocker Administration here.
-
Tsvetan Radushev 21 Reputation points
2020-07-19T17:54:57.027+00:00 I'm still not sure:
- Is there have any difference when you encrypt external (flash drive or HDD) with no OS when you use TPM or Not TPM Device?
- Can I set up BitLocker to use 256 encryption?
- Is it better to stop SSD Hardware encryption and to use BitLocker software?
- For Hard Drives without, OS is there has any difference between TPM and without TPM module encryption?
-
Tsvetan Radushev 21 Reputation points
2020-07-20T09:54:53.117+00:00 Hello, TeemoTang-MSFT!
Thank you for this detailed answer.
What's the difference in the description for non OS disk if I use TPM 2.0 on my PC and after that move it to PC without TPM 2.0?
I'm afraid I have to disagree that all modern PC-s have TPM because I have Asus z390-f and Asus TUF b450-plus and don't also have I have there. I buy two modules from:
https://www.amazon.co.uk/gp/product/B01DQQLH74/ I think they will help.Thank you for your time to help me.
-
Tsvetan Radushev 21 Reputation points
2020-07-26T20:49:56.587+00:00 - Okay and if I need to change a drive to a new PC without TPM 2.0 once after I write recovery key that I have this will change the security level to without TPM or?
- I see your answer "4.Yes, a TPM isn’t something you have to think about much. Your computer either has a TPM or it doesn’t — and modern computers generally will. Encryption tools like Microsoft’s BitLocker and “device encryption” automatically use a TPM to transparently encrypt your files. That’s better than not using any encryption at all, and it’s better than simply storing the encryption keys on the disk, as Microsoft’s EFS (Encrypting File System) does."
Is this mean that if I have TPM 2.0 on my PC-s I don't need to use EFS file on flash drive?
Thanks for that you explain to me.