How to Enable the Bitlock PIN Protection Facility
Open up Group Policy Management Console (GPMC
- Click Start, in the Start box, type mmc and then press ENTER
- On the File menu, click Add/Remove Snap-in.
- In the Add or Remove Snap-ins dialog box click Group Policy Object Editor and then click Add.
- In the Select Group Policy Object dialog box, click Browse.
- Click This computer to edit the Local Group Policy object.
- Click Finish, then OK.
Edit the Policy
- Open the Local Computer Policy.
- Navigate to Computer Configuration > Administrative Templates > Windows Components > BitLocker Drive Encryption > Operating System Drives
- Double click on the Require additonal authentication at startup policy.
- Change the setting to Enabled and then click OK.
Enable TPM and Pin
Open up a command prompt with administrative privilages and type: manage-bde -protectors -add c: -TPMAndPIN
This will force the pin option then ask you to specify a key. When you manage Bitlocker settings the reset PIN option will be available.
Applies to:
- All systems running Windows 7 or Windows 8
