I apoligize if this question has been asked, but I didn't see it when I
searched the forum and elsewhere on the web.
I have a laptop that I have been considering Whole Drive Encryption on for a
The options that I am aware of are PGP Whole Drive Encryption, TrueCrypt,
I have Vista Ultimate and BitLocker is one of the big reasons I got
Ultimate, but BitLocker doesn't seem to be as straight forward as some of the
other options which is irratating.
My laptop does not have a TPM chip. From what I have read, this means that
to use BitLocker I must use a USB drive to store the key.
Before I go any further down this road, I have no idea if my laptop's BIOS
supports a USB drive pre-boot.
In addition, the BitLocker driver preperation tool was unable to create a
partition for BitLocker. I'm not sure why, but my first thought is that it
wants to move the paging and hybernate files and can't. There is a long set
of instructions that I found where you can "try" to work around this with no
garuntee that it will work.
So... Before I try to go that route I was wondering if anyone could answer
some questions about BitLocker so I know if it is really what I want.
In all of the instructions that I read on how to install BitLocker without a
TPM, the instructions always state that you plug your usb key in, boot the
system, and Vista comes up. There is never a mention of a password. Is this
correct? If so, all someone would need to gain access to the laptop would be
the USB key. This sounds unsecure to me. If my laptop was stolen there is a
very good chance the USB key would be with it. I can try to take it with me
whenever possible, but that isn't always practical or likely. Its not like a
car key that I can stick in my pocket every time I get out of the car.
Is there any way to use BitLocker without a TPM that utilizes a password? I
know there is the recovery password, but a 48 digit random code isn't easy to
My preference would be to use BitLocker since I already bought it.
PGP looks like a good option, but its a couple hundred dollars I think.
TrueCrypt is free, but I'm a little nervouse about using a free product to
encrypt my entire hard drive. Maybe I shouldn't be biased, but if something
goes wrong with this it will be painful to recover. I have used TrueCrypt to
create encrypted volumes before and it works well but is a hassle to mount
and unmount them all the time.