• smileyhead
    link
    fedilink
    English
    arrow-up
    21
    arrow-down
    24
    ·
    10 months ago

    Solution: Just encrypt it with a password.

    • BaroqueInMind@kbin.social
      link
      fedilink
      arrow-up
      36
      arrow-down
      5
      ·
      10 months ago

      Bit locker is a password controlled drive encryption. Am I being dumb or are you seriously saying that?

      • tias
        link
        fedilink
        English
        arrow-up
        26
        ·
        edit-2
        10 months ago

        I guess they mean use the password as part of the encryption key, or encrypt the key with the password. Bitlocker doesn’t use the user’s password in that way, which is why it can boot an encrypted system without user interaction. That part always seemed very sketchy to me.

          • tias
            link
            fedilink
            English
            arrow-up
            3
            ·
            10 months ago

            Thanks, that sounds really useful. I’m guessing it won’t work unless you’re local admin though.

              • tias
                link
                fedilink
                English
                arrow-up
                2
                arrow-down
                4
                ·
                edit-2
                10 months ago

                Which kind of makes it useless in many corporate environments where it’s most needed, since the users won’t be able to set their own password.

                • d3Xt3r@lemmy.nz
                  link
                  fedilink
                  English
                  arrow-up
                  5
                  ·
                  10 months ago

                  I mean, if it’s a corporate device then it’s really a policy IT should be setting - this can be easily be done via a GPO or Intune policy, where an elevated script can prompt the end-user for a password.

                  • LifeInMultipleChoice@lemmy.world
                    link
                    fedilink
                    English
                    arrow-up
                    2
                    ·
                    edit-2
                    10 months ago

                    Yarp. And when they forget it we use the 48 numerical recovery key found using the recovery ID that shows on the screen when you hit escape (from the bitlocker screen)

                  • lud@lemm.ee
                    link
                    fedilink
                    English
                    arrow-up
                    1
                    ·
                    10 months ago

                    It would be insane to let non admin change settings like this.