Forum Discussion

MichaelG99's avatar
MichaelG99
Copper Contributor
Feb 26, 2024

Configure Bitlocker on TCG Opal 2 SSD

Is it possible to configure Windows 10 Pro BitLocker to use the hardware encryption built into a TCG Opal 2.0 SSD and a startup PIN? 

I have previously setup software BitLocker with a startup PIN and hardware BitLocker without a PIN. To configure the two together I installed a new 870 Evo SSD in a separate computer, used Samsung Magician to set SSD security to "security ready to be enabled", moved the SSD to the target computer and performed a fresh Windows 10 pro installation. I then enabled the local computer policy BitLocker setting "Configure use of hardware-based encryption for operating system drives" to prevent software-based encryption and enabled the setting "Require additional authentication at startup" to allow TPM + PIN. However, on beginning BitLocker, an error message appeared stating software encryption is not available because of the registry setting. After reversing the BitLocker hardware setting, software BitLocker with TPM and PIN proceeded as usual. 

Is it possible to have BitLocker hardware encryption with a PIN? 

No RepliesBe the first to reply

Resources