Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: Understanding BitLocker and Encryption

04 Nov 2017   #1

Windows 7 Ultimate x64
Understanding BitLocker and Encryption

I just want to understand some basic points about encryption in Windows 7. If I setup BitLocker or VeraCrypt in Windows 7 and someone removes my hard drive they 'technically' cannot view my drive without an unlock key or password.

However if I encrypt the whole drive and it is decrypted on boot with an unlock code or password, which I guess is standard procedure, that means its security at this stage is exactly the same as a standard decrypted HDD and a hacker can view all my data if they break through the internet security suite?

My System SpecsSystem Spec
05 Nov 2017   #2

Windows 7 Ultimate x64

Your understanding is totally correct.

Like with every security feature, the key point is to understand what it's meant to protect against. In the case of full-disk encryption, it helps deter physical attacks. If someone picks the HD and puts in another computer, or boots with another OS, he'll only see the encrypted contents. He won't see what it contains, what it's used and how much is free, much less can alter anything. What you gain from this is privacy.
Of course, an attacker is NOT prevented from simply formating your hard disk and damaging the whole data, or from tacking the disk altogether, you'll still loss the HD

BitLocker, VeraCrypt, or anything like work pretty much in the same way, they replace the Windows bootloader with their own, ask for the password, then decrypt the required sectors in-memory and only saves encrypted data back (plaintext never hits the disk). And this isn't even limited to Windows, any OS does pretty much the same thing.

Like you said, once you've booted the computer, the layer of protection is removed and the OS works normally. Viruses, deliverate destructive actions, human errors or program bugs affect the same there, since the encryption layer will happily save any malicious action into the HD, just scrambled. It offers exactly zero protection against malware. You still have to do your backups, firewall, updates, permission hardening as normal to get security against that.
My System SpecsSystem Spec
09 Nov 2017   #3

Windows 7 Ultimate x64

Sorry for the late reply. Is there a way to part encrypt folders on a drive one by one or in groups and then decrypt each one(s) only when required? This isn't ideal but just a thought.
My System SpecsSystem Spec


 Understanding BitLocker and Encryption

Thread Tools

Similar help and support threads
Thread Forum
BitLocker Drive Encryption - BitLocker To Go - Turn On or Off
How to Turn Windows 7 BitLocker To Go On or Off for Removable Drives BitLocker To Go is used to encrypt and password protect any removable external hard drives and USB flash drives. The drives must be formatted using either the exFAT, FAT16, FAT32, or NTFS file system and must be at least...
Bitlocker Encryption drives
I m having problems with bitlocker :cry: .... my hard drives are not showing in control panel-->system&security-->Bitlocker Encryption drive .... any help related to this please ?????????????????????????????????????????????????????????
General Discussion
BitLocker Drive Encryption - Change Encryption Method and Cipher Strength
How to Change Windows 7 BitLocker Drive Encryption Method and Cipher Strength This will show you how to change the encryption algorithm and key cipher strength used by BitLocker to encrypt drives in Windows 7.BitLocker Drive Encryption supports 128-bit and 256-bit encryption keys. Longer...

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 00:31.
Twitter Facebook Google+