Bitlocker on Windows 10 PC without TPM – with PIN and USB key


I set up Bitlocker on an old PC with Windows 10. As the PC had no TPM, I had to use a PIN for the key to the encrypted drive. Soon I regretted not having selected the USB dongle option. I searched the internet for a possibility to have both a PIN + a USB driveĀ option to unlock the drive. The latter is a nice option in a safe environment, no need to type the PIN at every boot.

The results from the internet search were discouraging, but nevertheless, there is an easy way to add the USB stick as a second option: Insert the USB drive to the port, open Command Prompt (Admin mode), and type:

manage-bde -protectors -add c: StartupKey x:

.. please replace the drive name (x:) with the appropriate drive where the USB drive is located at.

That’s all.


Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s