BitLocker Makeover

The Windows Vista RC1 release is quickly approaching and I know many of you are eager to hear the latest and greatest news about BitLocker.  Well, wait no more my fervent comrades!   Anyone who is familiar with previous builds may recall walking through separate wizards for the TPM and BitLocker functionalities – and thinking,…


Open Sesame: BitLocker Recovery Passwords

Anyone who has tried enabling BitLocker will have been greeted with a friendly dialog box insisting that you create a recovery password.  I remember the first time I saw this, I found myself asking, “what is this recovery password, and what am I supposed to do with it?”  Let’s first take a look at the…


Keys to the Kingdom

You probably have lots of keys in your life — a house key, a car key, an office key. Each of these keys fits a different lock. Windows BitLocker™ Drive Encryption also has different key and lock combinations. Just as you wouldn’t leave your car keys laying out in public or sitting in the ignition…


Heidi Waterhouse

Heidi Waterhouse is a technical writer with the BitLocker team. She spends her time translating security concepts into actionable steps.


BitLocker and unallocated space

I often see two questions related to free (a.k.a. “unallocated”) disk space when people talk about Windows BitLocker™ Drive Encryption on various forums: Q: What happens to unallocated space when I enable BitLocker on my volume? Does it get encrypted? Q: I enabled BitLocker on my volume and – poof! – all my free space…


Bulat Shelepov

Bulat Shelepov is a Software Development Engineer with the System Integrity team at Microsoft.


Doing our part for BitLocker™ Drive Encryption: Particular requirements around partitioning

On May 23-25, members of the BitLocker team participated in the Windows Hardware Engineering Conference (WinHEC) in Seattle. It was a successful event for us, and we even got some mentions in keynote speeches. Everyone we talked to understood the importance of encrypting the entire disk volume, and there was a great deal of excitement…


Why you need to own your Trusted Platform Module (TPM)

You might think that having your TPM security hardware be “owned” may not be a good thing. If you’re well-versed in slang, you’re excused. However, to own or “take ownership” of your computer’s TPM is actually desirable for both functionality and security.   Taking ownership of the TPM allows you to make full use of…


“Is anyone out there?” — Using physical presence to turn on the Trusted Platform Module (TPM)

Malicious software can lurk in the most humorous of dancing baby videos and cause havoc on your computer. To help protect against malware taking control of your computer’s Trusted Platform Module (TPM) security hardware, computer manufacturers should follow recommendations from the Trusted Computing Group (TCG) to ship TPMs in the “off” state and require users…


Xian Ke

Xian colludes with coworkers as a Program Manager on the System Integrity team of Windows Security. She started full-time at Microsoft in 2004 after undergraduate and graduate work at MIT and assorted internship stints. She puts academic knowledge into practice by spending time on TPM and BitLocker administration, enterprise backup and recovery, and other areas…