Windows 10 SITG: Windows 10 must use a BitLocker PIN for pre-boot authentication

Post author:Chatur Tamang
Post published:January 9, 2020
Post category:Microsoft / Windows 10

To enable BitLocker PIN authentication when using BitLocker during the the computer startup using GPO, do not forget to read the GPO help instruction where it notes that only one of the additional authentication options can be required at startup, otherwise a policy error occurs. There are four types of authentication made available.

Process:

Make sure you have activated TPM in the BIOS
GPO settings
1. Go to Computer Configuration->Administrative Templates->Windows Components->BitLocker Drive Engryption-> Operating System Drives
2. Choose “Require additional authentication at startup” .
  1. Enable the option
  2. Under Settings for Computers with TPM:
  3. Choose “Require startup PIN with TPM
3. Choose “Apply” and “OK”
4. NOTE: leave all the other options to “Do Not Allow…”

I am a goal-oriented Infrastructure System Engineer and Information System Security Officer with over 10 years’ of experience in planning and implementation of network, servers, virtualization and security technologies . Background includes hands-on experience with multi-platform, LAN/WAN environments, assessing and implementation of security controls in using ODAA and RMF guidance. Demonstrated record of success in migrating, troubleshooting Servers and increasing efficiency.

You Might Also Like

INSTALLING AZURE STACK DEVELOPMENT KIT ON MY LAB – PART III : ADD Windows 2016 Image to ASDK

Creating bootable ISO media from DVD containing Windows Server 2012 R2 setup files and folder

Migrate Symantec Endpoint Manager 14.2 from Windows Server 2012 R2 to Windows Server 2019 seamlessly without breaking client communications