Home > News Tips

How to Use BitLocker Without TPM

Updated on Tuesday, December 3, 2024

iBoysoft author Eudora Liu

Written by

Eudora Liu
Professional tech editor

Approved by

Jessica Shee

English

Summary: You'll soon learn how to use BitLocker without TPM in this article from iBoysoft, which includes why BitLocker needs TPM as well.

How to use BitLocker without TPM

As we all know, BitLocker's full-disk encryption requires typically a computer with Trust Platform Module (TPM), so if you try to use BitLocker without TPM, you'll be told your administrator must set a system policy option.

However, BitLocker is only suitable for Professional, Education, and Enterprise editions of Windows, including Windows 7 Ultimate, but not for any Home edition of Windows. If you want to use BitLocker on Windows 10/11 Home, you can take 

Thus, there comes a problem with how to use BitLocker without TPM. Don't worry, you'll get the answer in this article.

If you think this tutorial is useful, don't forget to share it with your friends!

 

Why does BitLocker need TPM?

BitLocker provides maximum protection when used with a TPM version 1.2 or later versions. It works with BitLocker to help protect user data and to ensure that a computer hasn't been tampered with while the system is offline.

BitLocker can use TPM to verify the integrity of the early boot components and Boot Configuration Data. This helps ensure BitLocker makes the encrypted drive accessible only if those components have not been tampered with and the encrypted drive is located in the original computer.

How to use BitLocker without TPM?

BitLocker encrypts the data on your hard disk and then stores the encryption key on TPM. By reconfiguring the default BitLocker settings, you can also use BitLocker without TPM.

You can use BitLocker without TPM through a Group Policy change. But you can't change the Group Policy setting yourself if your computer is joined to a business or school domain.

Here's how to use BitLocker by changing Group Policy:

  1. Press Win + R to get the Run dialog box.
  2. Type in gpedit.msc and press Enter.
  3. Go to Local Computer Policy > Computer Configuration > Administrative Templates > Windows Components > BitLocker Drive Encryption > Operating System Drives.
  4. Double-click the control panel settings, and then turn to Enable Advanced Startup Option.
  5. Choose Enabled.
  6. Click Apply and then click OK, Enable Advanced Startup Option will be closed.
  7. Close the Group Policy Object Editor window, and the change is finished.

Change Group Policy

If you think this post is helpful for you to use BitLocker without TPM, don't forget to click the below button to share it on your social media.