This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(217.60000000000002, 26%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETR%3C/text%3E%3C/svg%3E)
Hello!
I'm new in the Bitlocker Encryption.
Have a few questions:
Is there have any difference when you encrypt external (flash drive or HDD) with no OS when you use TPM or Not TPM Device?
How can I set up BitLocker to be 256 bits?
Is it better to stop SSD Hardware encryption and to use BitLocker software?
For Hard Drives without, OS is there has any difference between TPM and without TPM module encryption?
Thank you in advance.
1.Yes
2.Yes
3.It is up to you, I don’t use BitLocker to replace hardware excryption
4.Yes, a TPM isn’t something you have to think about much. Your computer either has a TPM or it doesn’t — and modern computers generally will. Encryption tools like Microsoft’s BitLocker and “device encryption” automatically use a TPM to transparently encrypt your files. That’s better than not using any encryption at all, and it’s better than simply storing the encryption keys on the disk, as Microsoft’s EFS (Encrypting File System) does.
Reference
BitLocker Frequently Asked Questions (FAQ)
https://video2.skills-academy.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/hh831507(v=ws.11)
TPM “Trusted Platform Module” is a chip on your computer’s motherboard.
TPM with BitLocker provides more security.
So, you can use BitLocker on an operating system drive without a TPM.
I think this article gives you a good overview of BitLocker.
You can discuss about BitLocker Administration here.
I'm still not sure:
The selected answer seems to forget that TPM protectors cannot be created for non-OS drives. So it makes no difference if you have a TPM or not when encrypting external drives or internal non-OS drives.
Hello, TeemoTang-MSFT!
Thank you for this detailed answer.
What's the difference in the description for non OS disk if I use TPM 2.0 on my PC and after that move it to PC without TPM 2.0?
I'm afraid I have to disagree that all modern PC-s have TPM because I have Asus z390-f and Asus TUF b450-plus and don't also have I have there. I buy two modules from:
https://www.amazon.co.uk/gp/product/B01DQQLH74/ I think they will help.
Thank you for your time to help me.
You are welcome.
about your question:"What's the difference in the description for non OS disk if I use TPM 2.0 on my PC and after that move it to PC without TPM 2.0?"
Once a partition/drive has been encrypted by BitLocker with TPM 2.0 chip, it has been protected by BitLocker and TPM at the same time, even though it has been moved on another PC, it still was protected by BitLocker and TPM 2.0(both of them) continuously, so the security will be higher than encrypted without TPM.
Is this mean that if I have TPM 2.0 on my PC-s I don't need to use EFS file on flash drive?
Thanks for that you explain to me.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(262.40000000000003, 13%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDR%3C/text%3E%3C/svg%3E)