Agent Feb 27, 2024 @ 7:14am
Advice on making the most of BitLocker full disk encryption?
I've moved to encrypting all my windows devices with full disk BitLocker encryption. This includes external drives.

What I'm curious about here is what habits I need to get into to further improve my protection against say a more sophisticated hacker. The whole point of this is to prevent PHYSICAL access to the device, so any possible way to get in should be mitigated.

If someone stole your device, they'd need your Windows user account PIN code to get in. If you sign in beforehand, is the encryption key stored in RAM? So to lock the drive again, Microsoft suggests either shutting down, restarting, or putting the system into hibernation mode.

I always used to lock my devices while not in use, but this could still leave me open to DMA or cold boot attacks etc. Do these still apply if you are using the CPU for your TPM rather than a dedicated TPM module?
Omega Feb 27, 2024 @ 7:25am 
Bitlocker is effectively uncrackable.

A TPM-unlocked drive will have its data at rest encrypted. This means any data the computer is not actively working on is encrypted; unencrypted data may live in the system's RAM. Data-at-rest encryption will prevent someone from just pulling out the hard disk and reading the data directly from it; they will need the ability to log in to the machine to access it.

If you are worrying about a cold boot attack, where someone turns on your PC and then freezes your memory to -180°C to read the keys from it, you shouldn't be relying on data-at-rest encryption; you shouldn't even be running Windows to begin with.

Also, do not use PIN codes to log in; a 4 or 6 character code is stupidly easy to brute-force.

Never lose your recovery code. If your BIOS is reset or updated, or if you ever switch to another system, BitLocker will ask for it.
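The habits discussed above (pre-boot TPM+PIN so the key is not released into RAM before authentication, a recovery password that survives a BIOS update, suspending protection for one reboot before firmware changes) can be audited from an elevated PowerShell. This is an added example, not code from the thread; it assumes the built-in BitLocker and TrustedPlatformModule cmdlets are available, and the hypothetical function name Test-BitLockerPosture is mine.

```powershell
#Requires -RunAsAdministrator
# Added example (not from the thread): report each BitLocker volume's protector
# types and flag the two gaps discussed above: no pre-boot PIN on the OS volume
# and no recovery password protector.
function Test-BitLockerPosture {
    $tpm = Get-Tpm
    foreach ($vol in Get-BitLockerVolume) {
        # KeyProtectorType values include Tpm, TpmPin, TpmPinStartupKey,
        # RecoveryPassword, ExternalKey, Password.
        $types = @($vol.KeyProtector | ForEach-Object { $_.KeyProtectorType })
        [pscustomobject]@{
            Volume      = $vol.MountPoint
            Protection  = $vol.ProtectionStatus    # On / Off (Off = suspended or not encrypted)
            Encrypted   = $vol.VolumeStatus        # FullyEncrypted, EncryptionInProgress, ...
            Method      = $vol.EncryptionMethod    # e.g. XtsAes128 / XtsAes256
            TpmPresent  = $tpm.TpmPresent
            PreBootPin  = ($types -contains 'TpmPin') -or ($types -contains 'TpmPinStartupKey')
            RecoveryPwd = ($types -contains 'RecoveryPassword')
            Protectors  = ($types -join ', ')
        }
    }
}

$posture = Test-BitLockerPosture
$posture | Format-Table -AutoSize

# TPM-only protection auto-unlocks to the login screen on every boot, so the
# volume key is already in RAM before anyone authenticates. A pre-boot PIN
# keeps the key sealed until it is entered; pick a long one, not 4-6 digits.
$os = $posture | Where-Object Volume -eq $env:SystemDrive
if ($os -and -not $os.PreBootPin) {
    Write-Warning "$($os.Volume): TPM-only, no pre-boot PIN. To add one:"
    Write-Host '  Add-BitLockerKeyProtector -MountPoint $env:SystemDrive -TpmAndPinProtector -Pin (Read-Host -AsSecureString "PIN")'
}

# Without a RecoveryPassword protector, a BIOS reset or firmware update that
# changes the TPM measurements can lock the volume permanently.
foreach ($v in $posture | Where-Object { $_.Protection -eq 'On' -and -not $_.RecoveryPwd }) {
    Write-Warning "$($v.Volume): no recovery password. Add one with:"
    Write-Host "  Add-BitLockerKeyProtector -MountPoint $($v.Volume) -RecoveryPasswordProtector"
    Write-Host "  (then record it with (Get-BitLockerVolume $($v.Volume)).KeyProtector | Where KeyProtectorType -eq RecoveryPassword)"
}

# Before a planned BIOS/firmware update, suspend protection for exactly one
# reboot so BitLocker re-seals to the new measurements instead of prompting
# for the recovery key:
#   Suspend-BitLocker -MountPoint $env:SystemDrive -RebootCount 1
```

Protection is resumed automatically after the single reboot, so the volume is never left unprotected beyond that one boot cycle.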
Agent Feb 27, 2024 @ 7:34am 
Originally posted by Omega:
Bitlocker is effectively uncrackable.

A TPM-unlocked drive will have its data at rest encrypted. This means any data the computer is not actively working on is encrypted; unencrypted data may live in the system's RAM. Data-at-rest encryption will prevent someone from just pulling out the hard disk and reading the data directly from it; they will need the ability to log in to the machine to access it.

If you are worrying about a cold boot attack, where someone turns on your PC and then freezes your memory to -180°C to read the keys from it, you shouldn't be relying on data-at-rest encryption; you shouldn't even be running Windows to begin with.

Also, do not use PIN codes to log in; a 4 or 6 character code is stupidly easy to brute-force.

Never lose your recovery code. If your BIOS is reset or updated, or if you ever switch to another system, BitLocker will ask for it.
Thanks for the info. In that case, it's probably very unlikely that I'm interesting enough for a cold boot attack. Search results can overblow these minor security concerns.

I'll try memorising a solid password instead. I guess since it's offline, there'd be no real way to time out brute-forcing.

I've got recovery codes stored in multiple places and in a safe that's bolted to the wall.
Omega Feb 27, 2024 @ 7:34am 
Originally posted by smallcat:
A video circulated on the Internet showing how to hack a TPM in several seconds.
Massively overblown.

This was already known. And this only affects systems with a physically separate TPM module; systems with the TPM integrated into the CPU or SoC are not affected.
Agent Feb 27, 2024 @ 7:36am 
Originally posted by smallcat:
A video circulated on the Internet showing how to hack a TPM in several seconds.

As a gamer I have not much to hide, thus I don't need more than a firewall and an antivirus app. I have only an app developed by me which has a high value, but it's on an HDD and it's not connected to the Internet. As for physical access, I'm not protected, but I doubt anyone will attack me.
That was for a dedicated TPM module. It doesn't work on CPU TPM from Intel or AMD.

I do IT administration for a small firm, so there's lots of data I need to keep secure. While the odds of someone gaining physical access to my stuff are low, the chances are still there. It'll give me peace of mind if everything is encrypted vs not.
Last edited by Agent; Feb 27, 2024 @ 7:37am
Zef Feb 27, 2024 @ 7:57am 
You do what you want of course, but I will never use BitLocker on my own personal devices as a power user. I only use local users on Windows and modify the system myself using GPO, regedit, hosts files and such.

All my important data is backed up on my NAS as well.