Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.



Windows 7: How Secure is Bitlocker?

16 Nov 2012   #1

Windows 7 32bit
 
 
How Secure is Bitlocker?

I work for a bank and we have a few laptops set up for users. They mostly use these laptops when away from their office to remote into their workstations at work. They each have windows passwords set up on their laptops and I have also turned bitlocker on.

My main concern is if they misplace or someone steals the laptop I don't want a chance of them being able to get any info. I know if the thief tries taking the drive out and placing in another pc that the bitlocker recovery key will be requested, but what if they have a windows 7 install disk and they hit f12 in bios on the laptop with bitlocker on to boot from cd/dvd, from what I remember the recovery key is not requested when choosing another boot option. Would they be able to some how get the users profile documents/info from the hdd or would it wipe the drive like when doing a custom install?

My System SpecsSystem Spec
.

16 Nov 2012   #2

Windows 7 x64 (SP1)
 
 

They will not be able to get anything without the encryption key. At this time brute forcing AES (which Bitlocker uses) is not viable. So any data encrypted with it is secure as long as the key remains secure.
My System SpecsSystem Spec
17 Nov 2012   #3

Microsoft Community Contributor Award Recipient

Windows 7 Ult. x64 Windows 8.1 x64 Ubuntu 12.04 LTS Tri-Boot
 
 

Hi,

You can rest assured - Bitlocker is exceptionally secure. As stated, using brute force to crack the encryption key is unfeasible given the extremely high number of combinations - 8 sets of 6 digits with possible values of 0 - 65,536. The use of TPM prevents any pre-boot tampering, via BIOS, alternate operating systems, slaving of disks to other systems, and including the Windows 7 + F12 scenario you suggested.

The only possible flaw with Bitlocker is that the password is stored in memory whilst the machine is booted and in hibernation. There have been reports of the password being stolen by performing memory dumps from machines booted from a hibernated state, but this requires very specific skills and software. You can easily circumvent this risk by not using hibernation.

Regards,
Golden
My System SpecsSystem Spec
.


17 Nov 2012   #4

Windows 7 x64 (SP1)
 
 

Quote   Quote: Originally Posted by Golden View Post
The only possible flaw with Bitlocker is that the password is stored in memory whilst the machine is booted and in hibernation. There have been reports of the password being stolen by performing memory dumps from machines booted from a hibernated state, but this requires very specific skills and software. You can easily circumvent this risk by not using hibernation.
Bitlocker is not the only one to be effected, Truecrypt is as well, any full HDD encryption is. You have to store the encryption key some where...But hibernation is not effected, the file is stored and encrypted on the HDD just like everything else. You need to enter the Bitlocker password/pin/key when waking from hibernation. You might be confusing hibernation with sleep, in Sleep the memory is kept while in hibernation the memory is cleared.

http://blogs.msdn.com/b/si_team/arch...r-threats.aspx
Quote:
This is why it’s important when using BitLocker’s advanced modes to use ‘hibernation’ rather than ‘sleep’. To provide high-performance for sleep transitions, BitLocker does not encrypt RAM contents nor does it require BitLocker re-authentication when waking up from sleep. With hibernation, a system is effectively ‘off’, and keys will not be resident in physical memory (I’ll get to the second caveat that discusses this shortly). On resume from hibernation, BitLocker will require the credentials I discussed earlier, and without those credentials, encryption keys will not be loaded into DRAM.
My System SpecsSystem Spec
Reply

 How Secure is Bitlocker?





Thread Tools



Similar help and support threads for2: How Secure is Bitlocker?
Thread Forum
BIOS flash error, BITLOCKER on? No bitlocker installed, Win 7 Pro General Discussion
Is EFS secure? System Security
BitLocker Drive Encryption - BitLocker To Go - Turn On or Off Tutorials
Bitlocker: BitLocker could not be enabled System Security
Is UAC really secure? System Security
How Secure Is Your PDF? Security News
Is this secure? Network & Sharing

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 03:49 AM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33