We'd love to hear about it! Click here to go to the product suggestion community
i would like to know if it's possible to enable Safeguard full disk encryption on a Windows 10 Pro PC with a not working tpm chip.
if the answer is yes, what is the procedure ?
Yes - Assuming your PC is domained you may need to alter the GPO to Allow BitLocker without a compatible TPM or modify the local policy.
You'll need to set a fallback policy for Sophos SafeGuard too, so that it does TPM OR Password/startup key. This is set in the Authentication policy section.
I have this running successfully here on a number of laptops and have a password to secure the device at boot instead of TPM And PIN.
I would add that if TPM is broken I would disable/hide it in BIOS so that the OS doesn't try to use it and then fails.
Hope this helps?
In reply to MichaelMcLannahan:
thank you for the answer. But what it will be the pre-authentication method in this case ? The insert of domain user name and password as for Windows 7 ?
Thank you again.
In reply to Marco Curtolo:
No, it'll be a password that the user can set within Windows. It looks almost identical to the TPM PIN prompt but note it says password and NOT PIN
It works. Thank you :)