I have Win7 Ultimate laptop that does not have TPM. So I ran Gpedit.msc to do the following: Computer Configuration \ Administrative Templates \ Windows Components \ Bit Locker Drive Encryption \ Operating System Drives and double click on Require additional
authentication at startup.
Now when I turn on the Bit Locker on drive C, I get the message above with only one option "Require a Startup key at every startup".
Does this mean that the user has to stick a USB flash drive to his laptop EVERYTIME he turns it on?