Blog | G5 Cyber Security

BitLocker: Use USB Key

G5 Cyber Security

TL;DR

This guide shows you how to change your BitLocker encryption from using a password to requiring a USB key for unlocking. This is more secure than a password alone.

Steps

  1. Open BitLocker Drive Encryption: Search for “Manage BitLocker” in the Windows search bar and open it.
  2. Find Your Encrypted Drive: You’ll see a list of your drives. Locate the drive you want to change (usually C:).
  3. Change Unlock Method: Click “Change unlock method” next to the drive you selected.
  4. Choose USB Key: A window will appear asking how you want to unlock the drive. Select “Use a USB flash drive”.
  5. Insert Your USB Drive: Plug in the USB key you want to use for unlocking. Make sure it’s one you won’t lose!
  6. Confirm Selection: Click “Start”. BitLocker will begin preparing to use the USB key. This may take a few minutes.
  7. Back Up Your Recovery Key (Important!): You *must* back up your recovery key before continuing. You’ll be prompted to do this. Choose one of these options:
    • Save to your Microsoft account: The easiest option if you have a Microsoft account.
    • Save to a file: Save the recovery key to a secure location (not on the encrypted drive!). A text file will be created.
    • Print the recovery key: Print it out and store it in a safe place.

    The recovery key is essential if you lose your USB key or have trouble unlocking.

  8. Complete the Process: Once the backup is complete, click “Finish”. BitLocker will restart your computer to apply the changes.
  9. Test the New Method: After restarting, shut down your computer and try booting it up again. You should be prompted to insert your USB key before Windows loads. If you can unlock with the USB key, everything is working correctly!

Important Considerations

Exit mobile version