
Windows 10 Dual Boot and Bitlocker

wynand32

Okay, so, for those folks who are dual-booting Windows 10 on their SP3: is Bitlocker working for you? On mine, for both the Win 8.1 and the Win 10 partitions, in modern UI settings Bitlocker shows as suspended (although in Control Panel it shows as turned on). And, I can access files from the other partition without entering the encryption key, and that doesn't seem right.

???
 
I wasn't able to dual boot due to what I think is a Bitlocker issue, but it is indeed working on the Win10 drive/partition.

I was originally trying to set up a dual partition with Windows 8.1 and Win10, so I turned off Bitlocker thinking that would help. It did not, so I ended up installing over Win8.1. Other than that, no other issues with Bitlocker at the moment.
 
Are you using the same account on both? Not sure if it would pull it from there, but the key is synced to your account... but then with it suspended it's not actually on.
 
I might be wrong, but as far as I understood the key is not synced to your Microsoft account, it is stored in the TPM chip (or some related chip) and is only released to a signed operating system running on that specific machine and only if the hardware has not been compromised. You must disable booting from USB and set a UEFI administrator password in order to prevent other operating systems from being booted and obtaining the key.

I am also new to BitLocker with the SP3 and still learning, so if this is somehow incorrect or imprecise, I would ask anybody reading this thread to post and clarify. :)
 
Okay, maybe something interesting, and a clarification.

1. @Antitoon: the Bitlocker key can be saved to your Microsoft account via Control Panel, but it's not by default.

2. Seems like maybe the modern UI settings are saying Bitlocker is suspended because it's showing as off for the D: partition, which is Windows 10. The Control Panel shows Bitlocker as on for the system partition, but off for the D: partition--maybe it's just confused? Because when D: is the system partition (i.e., I've booted to Windows 10), then Control Panel there shows Bitlocker as on and off for the D: drive (which is now Windows 8.1).

But, I can still access D: from both systems, which it seems like I shouldn't be able to do. Or maybe I should. Or not. Or something.

Gack.
 
Okay, so, I'm a bit of an idiot. Or not being careful. Or both.

So, I checked again, and actually Bitlocker was NOT turned on in Windows 10. So, that partition wasn't encrypted. I turned it on (had to turn off virtual memory and system restore so the utility could shrink the drive, same thing I had to do when I partitioned for dual boot).

Now, Bitlocker is showing as on everywhere in both systems, and I cannot access the D: partition (as I had originally expected). So, in short, mystery solved.
 
I might be wrong, but as far as I understood the key is not synced to your Microsoft account, it is stored in the TPM chip (or some related chip) and is only released to a signed operating system running on that specific machine and only if the hardware has not been compromised. You must disable booting from USB and set a UEFI administrator password in order to prevent other operating systems from being booted and obtaining the key.

I am also new to BitLocker with the SP3 and still learning, so if this is somehow incorrect or imprecise, I would ask anybody reading this thread to post and clarify. :)
Sorry, it's the bitlocker recovery key aka password in your Microsoft account unless it's Domain joined.
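
The confusion in this thread (a partition that is encrypted and protected, one that is merely suspended, and one that was never encrypted at all) can be checked per volume from an elevated PowerShell prompt in each installed OS. This is an added example, not something posted by anyone in the thread; it uses the built-in `Get-BitLockerVolume` cmdlet, and the `Get-BitLockerState` helper and its state labels are made up for illustration.

```powershell
#Requires -RunAsAdministrator
# Added example: summarise the real BitLocker state of every volume.

function Get-BitLockerState {
    # Hypothetical helper: maps the cmdlet's fields to one readable label.
    param([Parameter(Mandatory)] $Volume)

    $lock       = [string]$Volume.LockStatus
    $status     = [string]$Volume.VolumeStatus
    $protection = [string]$Volume.ProtectionStatus

    # A volume encrypted by the other OS and not unlocked here reports as Locked;
    # its contents are unreadable from this OS until a key is supplied.
    if ($lock -eq 'Locked') { return 'LOCKED (encrypted, not unlocked in this OS)' }

    # VolumeStatus describes the data on disk.
    if ($status -eq 'FullyDecrypted') { return 'NOT ENCRYPTED (readable from any OS)' }
    if ($status -ne 'FullyEncrypted') { return "IN TRANSITION ($status)" }

    # ProtectionStatus describes whether the key is actually being protected.
    # Encrypted data with protection Off means BitLocker is suspended:
    # a clear key sits on the disk, so the volume opens without any secret.
    if ($protection -eq 'On')  { return 'PROTECTED' }
    if ($protection -eq 'Off') { return 'SUSPENDED (encrypted, but key stored in the clear)' }
    return "UNKNOWN ($protection)"
}

Get-BitLockerVolume | ForEach-Object {
    [pscustomobject]@{
        MountPoint = $_.MountPoint
        VolumeType = $_.VolumeType          # OperatingSystem or Data
        State      = Get-BitLockerState $_
        # Lists protector types only (e.g. Tpm, RecoveryPassword), never the key material.
        Protectors = ($_.KeyProtector.KeyProtectorType -join ', ')
    }
} | Format-Table -AutoSize
```

In a dual-boot setup, run it once from each OS: the other system's partition should show as LOCKED, and anything reported as NOT ENCRYPTED or SUSPENDED is readable without a key.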
 