If creating your own USB startup key seems too complicated, there are several third-party applications that can act as a way to lock your PC with just about any USB drive on Windows 11. Try it out for yourself! If someone attempts to start up your PC without the USB startup key inserted, they will see this screen. That’s it, you are finished! Now your PC will not start up unless you have the USB inserted. Be sure that you indicate the correct drive letters for your system and USB drives. Manage-bde -protectors manages the protection methods used for the BitLocker encryption key and the command will add E: (my USB drive designation) as a TPMandStartupKeyto unlock C:(my system drive destination). Copy and paste the following command and press Enter to run it: manage-bde -protectors -add C: -TPMAndStartupKey E:
The final step is to open and run Command Prompt as an administrator.
Windows Home does not come with BitLocker, it uses a different security feature called Device Encryption.ĥ. However, it’s important to note that this BitLocker method will only work for Windows 11 Professional and Windows 11 Enterprise versions. You can create a USB startup key using BitLocker on Windows 11.
Create your own USB startup keyīitlocker is a built-in full disk encryption tool available on Windows 11, that was first introduced in Windows 7. In this guide, we will show you how to create one from scratch on Windows 11. It’s not quite the same level of protection, but still more secure than just a password, for example. A USB security key, like the Yubikey 5 Series from Yubico, offer FIDO2 (Fast Online Identification) authentication, which is also offered by Microsoft’s Windows Hello.Ī USB startup key prevents a PC from booting into Windows on a BitLocker-enabled drive unless the startup key is present. It is important to point out the difference between a USB startup key and a USB security key.
0 kommentar(er)
