Vista and BitLocker

So now that my new laptop is up and running, I decided to try Vista’s BitLocker drive encryption feature. This allows you to take your entire Windows partition and encrypt the contents so that should your laptop ever be stolen, your data is completely mostly secure. I say mostly because recently there have been cases where people have exploited the decryption key being resident in memory and have successfully moved RAM from one system to another and decoded the secured drives. However, BitLocker will surely thwart the casual thief and make accessing my files more difficult.

The setup for BitLocker is a little messy as you have to have a separate boot partition to store the unencrypted loader which handles decrypting the OS when you boot. Luckily Microsoft recently released the “BitLocker Drive Preparation Tool” which allows you to create this second drive without reinstalling Vista.

With the proper tools in hand my setup was reduced to these few steps:

  1. Run the Disk Preparation Tool to Shrink C: and create the S: Partition
  2. Reboot
  3. Activate BitLocker and save the decryption key in a “safe place”
  4. Reboot (at this point Vista will verify that the decryption key does work)
  5. BitLocker will begin encrypting the drive.

The encryption process takes some time, depending on the quantity of data already on your hard drive. Luckily it is all in the background. Now you can go about your work knowing that should your laptop ever be stolen, it will take more than a casual hacker to get your files of the drive.


Leave a Reply