bilocker and TPM

Please can someone help in very plain non technical simple English how Bitlocker works and what is TPM
We have always used Truecrypt but now that does not work on the SSD drives on our Levono Yoga i7 8gb

We encrypted the drive with Bitlocker but after encryption there does not seem to be any change, there is no request for a password at bootup, it just starts as normal.
Does that mean if someone steals the computer without the domain username and password they will not be able to take the disk out and read the files?

What is TPM?
Why does it need a password, when you look at the password file it saves the password is associated to the user, what happens if the user changes.

Any good simple explanation would be accepted.
samcoryAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

McKnifeCommented:
There is various documentation on bitlocker and tpm. Did you look it up?
http://windows.microsoft.com/en-us/windows-vista/bitlocker-drive-encryption-overview for example is an overview.
In short: the TPM acts like a transparent key server. It serves the key to the boot process under certain conditions. Those conditions include (in my own words): the drive is still in the computer it was encrypted on. The mainboad still has (mostly) the same BIOS settings, the drive is being booted from.
So you see, if someone took the drive out, these conditions are not met and the TPM will refuse to serve the key, the computer will not start unless you provide a master password, the so-called "recovery key".

About "Why does it need a password, when you look at the password file it saves the password is associated to the user, what happens if the user changes." - please explain: what password are you talking about? The start of your question suggested, there is no password setup. And no, there's nothing being associated to the user by the TPM.
0
samcoryAuthor Commented:
I am talking about the TPM password which you can save t a file. When you open this file in notepad the paasword is associated with the current user.
What happens if the user changes?
0
McKnifeCommented:
It's the owner password. It is not tied to a user. Read about the owner password and what it's for here: https://technet.microsoft.com/en-us/library/cc732542.aspx
0
samcoryAuthor Commented:
Thanks for your help, sorry it took me so long to respond as I have been away.
The links you provide are interesting bit still do not help me.
With Truecrypt if system drive stopped booting, it was easy enough to remove the drive and connect it to another PC, run Truecrypt and enter the password and recover the files.

I have tested this on a PC without TPM and was able to decrypt on another PC.

Unfortunately I do not have another PC with TPM, so is this the case with a PC which has TPM and is encrypted with Bitlocker, can I remove the drive and recover on another PC?
0
McKnifeCommented:
I already answered that in my first reply. I wrote about what happens if the device is not found to be meeting the defined start conditions. That applies also for drive removal. You will be able to mount and/or decrypt the drive using the recovery key, then.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Encryption

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.