This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Safeguard on Windows 10 without TPM

Dear all,

i would like to know if it's possible to enable Safeguard full disk encryption on a Windows 10 Pro PC with a not working tpm chip.

if the answer is yes, what is the procedure ?

Thank you.



This thread was automatically locked due to age.
Parents
  • Yes - Assuming your PC is domained you may need to alter the GPO to Allow BitLocker without a compatible TPM or modify the local policy.

     

    You'll need to set a fallback policy for Sophos SafeGuard too, so that it does TPM OR Password/startup key. This is set in the Authentication policy section.

     

    I have this running successfully here on a number of laptops and have a password to secure the device at boot instead of TPM And PIN.

     

    I would add that if TPM is broken I would disable/hide it in BIOS so that the OS doesn't try to use it and then fails.

     

    Hope this helps?

Reply
  • Yes - Assuming your PC is domained you may need to alter the GPO to Allow BitLocker without a compatible TPM or modify the local policy.

     

    You'll need to set a fallback policy for Sophos SafeGuard too, so that it does TPM OR Password/startup key. This is set in the Authentication policy section.

     

    I have this running successfully here on a number of laptops and have a password to secure the device at boot instead of TPM And PIN.

     

    I would add that if TPM is broken I would disable/hide it in BIOS so that the OS doesn't try to use it and then fails.

     

    Hope this helps?

Children