Enable BitLocker Without A TPM Chip (Password-Based Authentication)
2023-09-13 22:22:56
Open Edit group policy.
Navigate to the following directory:
Computer Configuration -> Administrative templates -> Windows Components -> BitLocker Drive Encryption -> Operating System Drives
Open/configure the following setting: Require additional authentication at startup. Note, do not open the one named Require additional authentication at startup (Windows Server 2008 and Windows Vista) unless you are using Windows Server 2008 or Vista.
Change the option from Not Configured to Enabled.
If you try encrypting your OS drive without a TPM chip, you'll now notice you have the option to setup a password or use a drive as a passkey as well.