Q: I recently installed BitLocker on my laptop in an effort to provide security for the data in the event the computer is lost or stolen. I used the option to create a Startup Key with a USB drive and it works fine. The only problem is that whenever I try to create a copy of the Startup Key using the BitLocker Manager everything seems to work, but when I try to use the copy the computer refuses to boot. I've tried several different USB drivers to no avail. The only way to get things going again is to use the original Startup Key.
— Brad Austin
A: For those who don't know, BitLocker is a drive encryption application that is provided with the Ultimate version of Microsoft Windows 7.
As it happens, the problem isn't with either BitLocker or with your USB drives. It's with your laptop's BIOS. Specifically, in some cases the BIOS software — the software that controls your computer until the operating system loads — doesn't recognize USB drives over a specified capacity. Once the computer's operating system kicks in, you won't have any problem using that larger capacity USB drive. But if you're trying to boot from it, the BIOS simply won't see it.
The quick solution? Try a USB drive with a capacity of 512 megabytes or less.
A couple of other things to keep in mind: First, if you're using USB Startup Keys, make sure you don't carry it around in your computer case. That would defeat the whole security purpose.
Second, you can avoid the need for keeping track of USB Startup Keys by making sure that the next laptop you buy supports the Trusted Platform Module, a chip included in enterprise-level computers that supports device encryption and user authentication.
So far, hardware manufacturers haven't seen fit to spend the extra couple of bucks to include the technology in consumer-level computers.
Posts
