• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Accessing "Bitlocker encrypted" (but not really) volumes on say Linux

mikeymikec

mikeymikec

Lifer
A customer has asked me to wipe the SSD in a laptop running Win11. My plan had been to plug the drive into Linux, delete the partitions then set up a Veracrypt partition spanning the entire drive and full-formatting it. My plan hit a snag when Linux immediately asked me to enter a password for the encrypted volume, which puzzled me because I set up Windows on that laptop, it's never (to my knowledge) been connected to an MS account, and while I often see Win11 boxes claim that the drive is encrypted, the data is plainly readable from say a Windows setup command prompt.

Out of curiosity I booted into Win11 on my PC and it read the drive data straight away, not even the vaguest suggestion of BitLocker encryption going on.

I assume there must be some default BitLocker password (I tried an empty password in Linux, didn't work) that Windows uses. Any ideas?

superuser.com suggested running manage-bde -protectors -get driveletter: but it came up saying no keys, same answer as for my internal Windows drive.
 
From a Windows setup USB flash drive, you could run diskpart and issue the clean command to clear it since he's not wanting to save anything. This works even if encrypted with bitlocker. I'm sure Linux has an equivalent command.
 
Make sure Device Encryption is set to off since WIN 11 device encryption is set on by default (at least was with 23H2). Device Encryption is found in Settings -Privacy & Security. If set & you unset it then Windows will proceed to unencrypt the drive on which it is installed.

=======================

I havent personally experienced the situation being reported as Ive not so far had a need to, but a possibilty of what's going is that what is being experienced is a vestigial artifact of MS Windows device encryption.

Q: If device encryption disabled will password screen display?

AI Overview:
- Yes, even if device encryption is disabled, a password screen will still appear when you try to access your device because the password screen is a separate security feature from encryption; disabling encryption only means your data isn't scrambled, but you will still need to enter your password to unlock the device.

- The password screen is a basic security layer that requires you to input a password or PIN to access the device, regardless of encryption status.
 
Last edited:
You must log in or register to reply here.

TRENDING THREADS

Back
Top