This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(118.4, 74%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EP%3C/text%3E%3C/svg%3E)
I've been reading through this article: https://learn.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-security-faq and I have a question regarding this specific passage:
What are the implications of using the sleep or hibernate power management options? BitLocker on operating system drives in its basic configuration (with a TPM but without other startup authentication) provides extra security for the hibernate mode. However, BitLocker provides greater security when it's configured to use another startup authentication factor (TPM+PIN, TPM+USB, or TPM+PIN+USB) with the hibernate mode. This method is more secure because returning from hibernation requires authentication. In sleep mode, the computer is vulnerable to direct memory access attacks, since unprotected data remains in RAM. Therefore, for improved security, it's recommended to disable sleep mode and to use TPM+PIN for the authentication method. Startup authentication can be configured by using Group Policy or Mobile Device Management with the BitLocker CSP.
It says sleep mode here. Does sleep mode mean all types of sleep modes (S0 = modern standby, S1, S2, S3, S4...) and the only "safe" alternative is disabling all sleep modes including hybrid sleep and modern standby and only keep hibernate and shutdown (in combination with bitlocker PIN/password at boot)?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Hi.
I would like to know how things are going on your end? If you have any further question or concern about this thread, please feel free to let us know.
Best Regards,
Hania Lian
Hi.
According to the official document you provided, you need to disable sleep mode and enable hibernation to better protect your computer.
S1, S2, S3 are sleep modes, you need to disable them completely. S4 is Hibernate, you don't need to disable it.
Please refer to: https://www.tenforums.com/tutorials/63346-sleep-states-available-your-windows-10-pc.html
Hope the information is helpful. If the Answer is helpful, please click "Accept Answer" and upvote it.
