Decrypting a Bitlocker HDD connected to SATA USB cable

buglawton
buglawton Posts: 9,235 Forumite
If I try to open my old Windows 10 Bitlocker-encrypted hard drive via the SATA adapter cable from the original machine (a Windows 10 laptop, now on SSD), I can simply paste in the key and open the external drive.

On a different (Windows 7) machine I am told that the key is incorrect. In both cases the same correct encrypted volume ID is shown.

Any explanation?

Comments

  • unforeseen
    unforeseen Posts: 7,279 Forumite
    edited 9 April 2018 at 5:20PM
    On your original machine there is an entry in the TPM system for the HDD as it was an internal drive so all matches.

    A different machine, even another Win 10 one, will have problems because there is no TPM entry for it. Because it is Bitlockered as an internal drive, Bitlocker expects to see a TPM entry.

    I suggest you decrypt it on your original machine and re-encrypt using Bitlocker to go. That should allow you to use it on other machines.
  • AndyPix
    AndyPix Posts: 4,847 Forumite
    ^^ Great answer


    Basically when you encrypt the drive and generate a key, part of that key is kept on the TPM chip inside the computer.
  • buglawton
    buglawton Posts: 9,235 Forumite
    Thanks guys, I never realised that Bitlockered HDDs are keyed to their original machines. So if your PC with an encrypted drive fails completely, you can't retrieve your data. In that respect I've been living with a false sense of security.
  • unforeseen
    unforeseen Posts: 7,279 Forumite
    buglawton wrote: »
    Thanks guys, I never realised that Bitlockered HDDs are keyed to their original machines. So if your PC with an encrypted drive fails completely, you can't retrieve your data. In that respect I've been living with a false sense of security.

    Yep, motherboard failure means you lose everything. It only needs to happen once to concentrate the mind on the importance of regular backups.

    We see it in work. No matter how many times they are told that all data needs to be on the network drives they still insist on saving it to the desktop risking not only loss due to hardware failure but also profile corruption.
  • joeypesci
    joeypesci Posts: 671 Forumite
    unforeseen wrote: »
    On your original machine there is an entry in the TPM system for the HDD as it was an internal drive so all matches.

    A different machine, even another Win 10 one, will have problems because there is no TPM entry for it. Because it is Bitlockered as an internal drive, Bitlocker expects to see a TPM entry.

    I suggest you decrypt it on your original machine and re-encrypt using Bitlocker to go. That should allow you to use it on other machines.

    Nice. Even I didn't know that.
  • buglawton
    buglawton Posts: 9,235 Forumite
    On MS website, it’s ambiguous:

    https://docs.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-frequently-asked-questions
    Can I access my BitLocker-protected drive if I insert the hard disk into a different computer?

    Yes, if the drive is a data drive, you can unlock it from the BitLocker Drive Encryption Control Panel item just as you would any other data drive by using a password or smart card. If the data drive was configured for automatic unlock only, you will have to unlock it by using the recovery key. The encrypted hard disk can be unlocked by a data recovery agent (if one was configured) or it can be unlocked by using the recovery key.

    I guess it hangs on the definition of what is a data drive.
  • Sorry but you can open an encrypted Bitlocker drive on another machine. You don't even have to have TPM enabled (or present).

    You do of course need the right key, the really long numeric one.

    I suspect the problem you are seeing is you are trying on Windows 7 vs Windows 10. If it has been encrypted on Windows 10 then try it on another Windows 10 laptop or machine.
  • unforeseen wrote: »
    Yep, motherboard failure means you lose everything. It only needs to happen once to concentrate the mind on the importance of regular backups.

    We see it in work. No matter how many times they are told that all data needs to be on the network drives they still insist on saving it to the desktop risking not only loss due to hardware failure but also profile corruption.

    I think you need a new IT department in that case ... ;)

    It would be a bit of a real challenge if broken hardware caused complete lock out.

    So long as the key is saved (which is a challenge if you let the users do Bitlocker themselves), you can unlock it on a different device with the same OS. That's why, if you go into a network environment, you should do it with Bitlocker managed centrally; that way, if somebody forgets it, you still have a secure backup.

    I am looking at an encrypted drive at the moment from a different machine. It prompts me for the key to unlock ...
  • unforeseen
    unforeseen Posts: 7,279 Forumite
    If you replace the motherboard you will not get back into the HDD no matter how many recovery keys you have.

    Bitlocker is controlled centrally so keys are not a problem
  • unforeseen wrote: »
    If you replace the motherboard you will not get back into the HDD no matter how many recovery keys you have.

    Bitlocker is controlled centrally so keys are not a problem

    Sorry, but you are giving really bad advice here. Yes, it's possible to recover Bitlocker drives. That's the whole point of the recovery key, the 48 numeric character one :cool:

    The TPM effectively prevents you from entering this information each time, it doesn't store additional information that is required to unlock the drive.

    Motherboard failure is quite common in large organisations in laptops due to the wear and tear they get.

    Have a look at some threads here on Technet or Google it

    https://social.technet.microsoft.com/Forums/windows/en-US/d7be2e19-3eb2-4e7f-8d6a-c7f0f5474b93/bitlocker-new-motherboard-replacement?forum=w7itprosecurity

    That's on Windows 7 and it was a damn sight harder back then.
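
A check that separates the two explanations argued in this thread, as an added example that is not part of any post: for each volume it reports whether a key protector other than the TPM exists and whether the volume uses XTS-AES, which Windows versions before Windows 10 version 1511 cannot read. The function name `Get-BitLockerPortability` and the sample objects are constructed for illustration; the property names are those of `Get-BitLockerVolume` output.

```powershell
# Added example: report how a BitLocker volume could be unlocked on other hardware.
# Input objects have the shape returned by Get-BitLockerVolume.
function Get-BitLockerPortability {
    param([Parameter(ValueFromPipeline = $true)] $Volume)
    process {
        # Collect protector types as strings (enum values on a live system).
        $types  = @($Volume.KeyProtector | ForEach-Object { "$($_.KeyProtectorType)" })
        $method = "$($Volume.EncryptionMethod)"
        # Protectors that do not depend on the original machine's TPM:
        # the 48-digit recovery password, a password, or an external key file.
        $portable = @($types | Where-Object {
            $_ -in 'RecoveryPassword', 'Password', 'ExternalKey' })
        [pscustomobject]@{
            MountPoint           = $Volume.MountPoint
            Protectors           = $types -join ','
            UnlockableWithoutTpm = $portable.Count -gt 0
            # XTS-AES arrived with Windows 10 version 1511 and is not
            # readable by earlier Windows versions such as Windows 7.
            UsesXtsAes           = $method -like 'XtsAes*'
            EncryptionMethod     = $method
        }
    }
}

# Constructed sample volumes (hypothetical, not taken from the thread).
$sample = @(
    [pscustomobject]@{
        MountPoint = 'C:'; EncryptionMethod = 'XtsAes128'
        KeyProtector = @(
            [pscustomobject]@{ KeyProtectorType = 'Tpm' },
            [pscustomobject]@{ KeyProtectorType = 'RecoveryPassword' })
    },
    [pscustomobject]@{
        MountPoint = 'D:'; EncryptionMethod = 'Aes128'
        KeyProtector = @([pscustomobject]@{ KeyProtectorType = 'Tpm' })
    }
)

$sample | Get-BitLockerPortability | Format-Table -AutoSize

# On a live system, from an elevated prompt:
#   Get-BitLockerVolume | Get-BitLockerPortability
```

A volume that reports `UnlockableWithoutTpm` as false has no protector that survives loss of the original hardware, which is the case to fix before a failure rather than after.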