
Quote: Originally Posted by harmohans
Why is it necessary to have a minimum of two active partitions/volumes for enabling the BitLocker Drive Encryption feature?
Hi Harmohans,
Any encryption for a full partition requires a (usually very small) second partition containing boot code, including the encryption handler.
Take a BitLocker-enforced Windows 7 for example: you've got a 200MB partition which is hidden from view by having no drive letter (you'll find that one in your drive-configuration only). Furthermore you've got an 80GB partition with your installation (OS, data etc.).
As the 80GB partition is completely encrypted by BitLocker, it doesn't make any sense to your system when trying to boot it (the boot files are encrypted too, because it's a *drive* encryption).
Considering this, it's quite easy to explain the second (small) partition: your system boots from there (no problem, because it's not encrypted), loads the encryption drivers, connects to the TPM, gets the encryption information for your 80GB partition, allowing access to it. Then it continues to boot from your large partition.
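The layout described in the reply above can be checked on a disk image, shown here as an added example that is not part of the original post. It assumes an MBR-partitioned disk and uses a constructed, scaled-down image; the function names are hypothetical, and the check relies on the OEM ID at offset 3 of a volume's boot sector, which reads `-FVE-FS-` on a BitLocker volume and `NTFS    ` on a plain NTFS one.

```python
import struct

SECTOR = 512
OEM_BITLOCKER = b"-FVE-FS-"  # OEM ID in the boot sector of a BitLocker volume
OEM_NTFS = b"NTFS    "       # OEM ID in the boot sector of a plain NTFS volume

def parse_mbr(image):
    """Return the non-empty primary partition entries of an MBR disk image."""
    if image[510:512] != b"\x55\xaa":
        raise ValueError("missing MBR boot signature")
    parts = []
    for i in range(4):
        status, ptype, lba, count = struct.unpack_from("<B3xB3xII", image, 446 + 16 * i)
        if ptype and count:
            parts.append({"index": i, "active": status == 0x80, "lba": lba, "sectors": count})
    return parts

def classify(image, part):
    """Classify a partition by the OEM ID of its first sector."""
    start = part["lba"] * SECTOR
    oem = image[start + 3:start + 11]
    if oem == OEM_BITLOCKER:
        return "bitlocker"
    if oem == OEM_NTFS:
        return "ntfs-plaintext"
    return "unknown"

def check_layout(image):
    """Return (kinds, ok): ok means the active partition is readable and another is encrypted."""
    parts = parse_mbr(image)
    kinds = {p["index"]: classify(image, p) for p in parts}
    active_ok = any(p["active"] and kinds[p["index"]] == "ntfs-plaintext"
                    for p in parts)
    return kinds, active_ok and "bitlocker" in kinds.values()

def build_sample(active=0):
    """Constructed image: small NTFS system partition followed by a BitLocker volume."""
    img = bytearray(88 * SECTOR)
    entries = [(8, 16, OEM_NTFS), (24, 64, OEM_BITLOCKER)]  # (start LBA, sectors, OEM ID)
    for i, (lba, count, oem) in enumerate(entries):
        status = 0x80 if i == active else 0x00
        struct.pack_into("<B3xB3xII", img, 446 + 16 * i, status, 0x07, lba, count)
        img[lba * SECTOR + 3:lba * SECTOR + 11] = oem
    img[510:512] = b"\x55\xaa"
    return bytes(img)

if __name__ == "__main__":
    print(check_layout(build_sample()))
```

Marking the encrypted partition as the active one (`build_sample(active=1)`) makes the check fail, which is the situation the reply describes: the firmware would hand control to a boot sector it cannot read.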