Hello community. I need some help, before i'm coming crazy. Can someone have a to do list to make that i can have the option "cypher my device" (sorry it's a french to english traduction) appearing in "parameters" on win10 Basically, i need to know how to use win10 integrated cryting function to encrypt a new disk on new laptop. The computer was tpm 2.0, the disk was tgc-opal compliant. A big thanks to people that can help me.
what exactly do you want to encrypt? just the windows partition? the whole hard drive? fresh windows set up or already preconfigured?
You are searching for Windows bitlocker. It's available on windows 10 pro on any device and windows 10 home if tpm and secure boot are enabled and the system supports hardware level encryption, Use "manage-bde" or control panel to manage bitlocker.
Im wonder about your answers and suggestions! You may not have noticed that there was written: "The computer was tpm 2.0, the disk was tgc-opal compliant." Therefore, probably he is talking about the TCG Opal stands.
If the ssd has hardware level encryption enabled, bitlocker will use it for minimal impact on system performance. Some ssds require that you use a tool (ex. samsung magician) to enable the security feature and only then you can enable bitlocker. 1. enable ssd hardware encryption feature with the tools provided by your ssd manufacturer. some ssd's will wipe itfself when you do this 2. install windows (if needed) 3. enable bitlocker. search for "bitlocker" on windows PRO, ultimate or enterprise editions (vista/7/8/10). save the recovery key! There are some known security vulnerabilities on some hardware encrypted ssds. For those cases, software encryption might be a better option
You must buy the OEM SSD or nvme from the manufacturer eg HP, Dell, Acer, etc... a retail SSD drive won't work.
I'm going to try this. But i have (at work) surface tablet that just purpose encript drive as an option of windows, without use bitlocker, so it's near like "macnavarra" said "use drive provided by manufacturer". Stupidly i have supposed that if i have computer tmp 2.0 and SSD TCG OPAL i can use/have the native functionnality on win10 Pro, and dont use bitlocker. thanks for your reply, i'm going to search information, but it's difficult to find precise answers. Last thing : can you confirm me that bitlocket use hardware encryption of SSD (tgc opal or aes 256).
There is no automatic encryption on any version of Windows. That would be pure madness. One ALWAYS needs a recovery key. And automatically there is NO WAY to provide such key to user! Ofcourse Bitlocker can be USER initiated (unless you are running in Enterprise environment with MBAM, where it is really automatic) Seems like some of you heard the term, but not idea what it means...