Link to home
Start Free TrialLog in
Avatar of sglee

asked on


I  like to encrypt C drive on windows 10 PC and want  an external USB flash drive to be connected to the PC in order for the computer to boot normally. In other words, if the external USB flash drive is not inserted into the computer, I want the computer to stop booting and ask the user to enter recovery key manually.


How can I make it happen?


Avatar of McKnife
Flag of Germany image

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of sglee


"Why would you want it that way instead of using a PIN to authenticate" --> Apparently my customer believes that this is only way to protect the data on the hard drive in case the computer (or HD is stolen). When the stolen HD is attached to another PC, the thief won't have access the contents of HD unless this USB stick is present.

But if you encrypt C drive and store recovery key file somewhere safe, same thing can be accomplished, right?

Use a PIN. It's safe, a thief has only 32 tries to guess it (6 digits at least).
Avatar of sglee


I spoke to my customer about "utilizing external USB drive during boot process" and decided that we really don't need to use it.

We will just encrypt the C drive and store recovery key file somewhere safe.

If the computer get stolen, a thief won't be able to log in because they have user's password.

If they take HD out of stolen computer and attach it to another PC, they will need recovery key that they don't haVe.

Based on the decision, I don't think we need to create a PIN# (that is required during the startup) either.


McKnife did answer your question correctly. Can you accept the solution so the search engine may benefit from the answer?

Breaking into a bitlocked computer without a PIN is possible for experts. With a PIN it is considered next to impossible.
Avatar of sglee


Thanks McKnife for your insight!