no way to compare when less than two revisions
Differences
This shows you the differences between two versions of the page.
— | windows:client_os:pin_on_boot [2019/10/31 09:06] (current) – created - external edit 127.0.0.1 | ||
---|---|---|---|
Line 1: | Line 1: | ||
+ | ====== Bitlocker: Enable PIN on boot ====== | ||
+ | If you want your system to require a PIN number in order to unlock a Bitlocker encrypted drive at boot time, you need to change one small GPO setting (assuming that you have Bitlocker already set up): | ||
+ | Start Group Policy editor by pressing Windows+R and entering the command ‘gpedit.msc’ | ||
+ | [{{ : | ||
+ | Navigate to Local Computer Policy -> Computer Configuration -> Administrative Templates -> Windows Components -> Bitlocker Drive Encryption -> Operating System Drives | ||
+ | [{{ : | ||
+ | Select the ‘Require additional authentication at startup’ option, and set it to ‘Enabled’. Then set ‘Configure TPM startup PIN’ to ‘Require startup PIN with TPM’ | ||
+ | [{{ : | ||
+ | Now open CMD in elevated mode and enter the command to set the PIN | ||
+ | <code bash> | ||
+ | This will prompt you for a PIN which You will enter at Boot time. |