Thursday, April 10, 2008

Bitlocker Drive Prepartion Tool

In the early days of Windows Vista. Bitlocker is so much work, most people will give up before completing it (and end up with a corrupted HDD maybe). The problem IS (yes, still there because Microsoft has not really address it) nobody told you how the HDD should be properly partitioned for Bitlocker. This was not even mentioned in the Windows Vista installation. You will only come to realized this after fully installed and you tried to enable Bitlocker. Back then, the only answer (unless you ahve Partition Magic, Partition Manager etc) wil lbe to reformat you Windows Vista and restart.

The ideal installation should consist of these (to be politically correct, I lifted these from Microsoft) :

  1. Have at least two partitions. One partition must include the drive Windows is installed on. This is the drive that BitLocker will encrypt. The other partition is the active partition, which must remain unencrypted so that the computer can be started. Once you've encrypted the drive Windows is installed on, you can also encrypt additional data drives on the same computer.
  2. Be formatted with the NTFS file system.
  3. Have a BIOS that is compatible with TPM and supports USB devices during computer startup. If this is not the case, you will need to update the BIOS before using BitLocker. For more information on updating your BIOS, see Update the BIOS for BitLocker Drive Encryption.
Take note of point 3. Thats hardware limitation. Most laptop can do it. If yours can't and it says Vista Ultimate compatible, sue them.

Now, let's talk about present day. There is hope. Just download something known as Bitlocker Drive Prepartion Tool. It will shift you partition and create the additional partition required for Bitlocker. You can either split or merge to make the space. This tool handles it pretty well. After a reboot, you will be ready to enable it. Make sure you follow the steps to save BOTH the key and the recovery key. Make copies of it in as many places as possible and stored them security. Storing it with your dog, for example, will not be "securely".

So, here is the full details and how you can get the tool. Basically, Windows Update :

