BitLocker eDrive not working well on certain notebooks
I am the owner of a Dell XPS with a TCG Opal 2.0 & IEEE1667 compatible Samsung 980 Pro SSD.
Before some of you tell me not to use hardware encryption because of alleged weaknesses: I am aware of the paper from Carlo Meijer and Bernard van Gastel, but frankly modern Samsung SSDs were not affected as long as hardware encryption was utilized by TCG Opal. Also, software encryption does lower performance, even with AES-NI.
That being said, there seems to be a problem with eDrive when used in notebooks (such as Dell or XMG) that also allow you to set a password on NVMe drives via the UEFI:
Once eDrive is enabled, the UEFI of the Notebook will pop up a password prompt for the eDrive enabled SSD. Obviously the PIN isn't going to work on the UEFI's password prompt.
You might ask, "How is this a Windows/BitLocker problem?"
- If hardware encryption is used with sedutil, this problem does not occur, even though sedutil locks the drive the TCG Opal-compliant way. If it works with sedutil, I don't see why it shouldn't work with BitLocker eDrive.
- It happens on Dell as well as XMG notebooks and probably other brands as well.
I figure eDrive locks the drive in a way that makes it go haywire with the notebook's UEFI.