In any case you will need a comprehensive PKI infrastructure (especially true of BitLocker). This is why I have things like this on my "wish list" rather than my "goals list". -- +-------------------------------------------+ | Michael Surato | | College of Arts and Letters | | Michigan State University | | 320 Linton Hall | | East Lansing, MI 48824 | | Voice: (517) 353-0778 Fax: (517) 355-0159 | +-------------------------------------------+ >>> On 12/3/2008 at 12:24 PM, Al Puzzuoli <[log in to unmask]> wrote: > From what I understand, two reasons: > > Truecrypt doesn't utilize the TPM. Therefore, it requires entry of an > additional password before the machine ever even boots. Since BitLocker > stores the key in the TPM, users can log on as normal once everything is > set up. > > Secondly, BitLocker apparently allows for storing machine recovery > passwords in Active Directory, which seems like it would be a way cool > feature. > > Again, I'm just starting my explorations, so please feel free to correct > me if any of this is inaccurate. > > Thanks, > > > > > -----Original Message----- > From: Peter J Murray [mailto:[log in to unmask]] > Sent: Wednesday, December 03, 2008 12:09 PM > To: Al Puzzuoli > Subject: Re: [MSUNAG] TPM and BitLocker Questions. > > Why not use Truecrypt? > > Al Puzzuoli wrote: >> I've begun experimenting with BitLocker. I'm trying to enable it on a > >> Tecra M5, which is several years old. I suspect the TPM on this unit >> may be a version that is too old to support BitLocker, but how can I >> tell for sure what version this unit has? >> >> When I enabled BitLocker, the system restarted, asked me to initialize > >> the TPM, and all appeared to be well. However now, whenever I restart > >> and try doing the check before actually encrypting the drive, I get an > >> error indicating that my boot configuration has changed and the check >> fails. Has anyone else experienced this, and does it indicate the >> presence of a TPM 1.0 or 1.1 as opposed to a 1.2? I would think if >> the TPm were too old, BitLocker would be smart enough to just say so >> and not proceed any further? >> >> Thanks, >> >> Al Puzzuoli >> Information Technologist >> Resource Center for Persons with Disabilities 517-884-1915 120 >> Bessey Hall East Lansing, MI 48824-1033 http://www.rcpd.msu.edu >> >> >> __________ Information from ESET NOD32 Antivirus, version of virus >> signature database 3661 (20081203) __________ >> >> The message was checked by ESET NOD32 Antivirus. >> >> http://www.eset.com >> >> >> > > > __________ Information from ESET NOD32 Antivirus, version of virus > signature database 3661 (20081203) __________ > > The message was checked by ESET NOD32 Antivirus. > > http://www.eset.com > > > > __________ Information from ESET NOD32 Antivirus, version of virus > signature database 3661 (20081203) __________ > > The message was checked by ESET NOD32 Antivirus. > > http://www.eset.com >