Using DESlock+ FDE where BitLocker is already turned on
Managed Users
If you are using the Managed version of DESlock+, it will depend on which drives are encrypted with BitLocker:
- The Operating system drive, usually the one with Windows installed on it. The Enterprise Server will prevent you starting FDE. Note: this also includes Windows 8.1 Device Encryption.
- A non-OS drive. The Enterprise Server will prevent you from encrypting the drive.
Standalone User
If you are using the Standalone version of DESlock+, you can currently FDE encrypt BitLocker enabled drives, however, it is inadvisable and strongly recommended you remove BitLocker or turn off Device Encryption and applicable.
Please note, using DESlock+ FDE and BitLocker, in any form, at the same time is not supported and should the way the Standalone client handles BitLocker change in the future, you may be unable to access DESlock+ FDE settings.
If you do proceed, it is important that, once DESlock+ FDE has started, you must not turn off BitLocker.
Turning on BitLocker when DESlock+ FDE has already taken place
You should not turn on BitLocker after DESlock+ FDE has been started.
Turning on BitLocker, even on a non-OS drive, will render your PC unbootable and most likely unrecoverable.
How can I tell if BitLocker is turned on?
You can tell if any drives have BitLocker, or Device Encryption turned on by looking at the drive icon in Windows Explorer.
The OS drive, or any unlocked drive it will look like this
A non-OS drive that is locked will look like this
Another method for checking if BitLocker is turned on is to open a Command Prompt and type the following command:
manage-bde -status
In the screenshot above, BitLocker has encrypted the machine but is not currently activated. To resolve this, you must activate BitLocker and then remove BitLocker.
Turning BitLocker Off
To turn off BitLocker, right click the drive and click Manage BitLocker or from the Control Panel open BitLocker Drive Encryption. Click the Turn off BitLocker option for each drive and wait for decryption to complete.
To turn off Device Encryption follow the steps below for the operating system you are using:
Windows 8 & 8.1
- Open the Charms bar by swiping in from the right or pressing Windows + C keys on the keyboard
- Click Settings
- Click Change PC settings
- In the PC Settings app, choose PC and devices, then PC info
- Turn off Device Encryption and wait for decryption to complete
Windows 10
- Press the Windows + I keys on the keyboard
- Click the System icon
- Select the About category
- Turn off Device Encryption and wait for decryption to complete
Add a comment
Please log in or register to submit a comment.