Event details

Looking to simplify setup and configuration for new devices? Let’s talk about Windows Autopilot! The engineering team will be on camera and ready to answer your questions. Whether you are seeking to ...
Pearl-Angeles
Updated Oct 14, 2025
AMA
Tech Community Live
Dirk-Official's avatar
Dirk-Official
Brass Contributor
Jul 28, 2025

Any plans of integrating asking the user for a Bitlocker pre-boot PIN in the device prep process?

Hung_Dang's avatar
Hung_Dang
Icon for Microsoft rankMicrosoft
Jul 28, 2025

Could you clarify the flow you're thinking of?  It's not clear what "pre-boot" PIN here means.

  • Dirk-Official's avatar
    Dirk-Official
    Brass Contributor
    Jul 28, 2025

    Pre-boot PIN: A PIN you need to provide before Windows actually can start. As this is user-defined, solutions like this one here are used quite often: https://oliverkieselbach.com/2019/08/02/how-to-enable-pre-boot-bitlocker-startup-pin-on-windows-with-intune/

    • Jason_Sandys's avatar
      Jason_Sandys
      Icon for Microsoft rankMicrosoft
      Jul 28, 2025

      Do you mean providing a path for the interactive user to configure a new pre-boot authenticator (PBA aka BitLocker PIN) during the Autopilot process?

      Or, do you mean having BitLocker enabled and protecting the system volume during Autopilot so that the user has to enter the PBA during Autopilot to unlock the volume?

      • Dirk-Official's avatar
        Dirk-Official
        Brass Contributor
        Jul 28, 2025

        The first one. 

        Given the negative impact on usability introduced by pre-boot authentication, the complexity it adds in Endpoint Management (->ensuring that the BitLocker PIN is set after the first login etc.) quite often leads to "no PBA at all".