Despre BitLocker Drive Encryption am mai scris in urma cu ceva timp. Atunci explicam cum putem cripta si parola o partitie a hard-disk-ului sau un memory stick / card de memorie, folosind acest nou feature al Windows 7.
Cei care utilizeaza BitLocker au observat probabil ca acest feature are un ceva lipsa. Ofera posibilitatea de criptare si parolare a unui drive, posibilitatea de schimbare parola pentru deblocarea drive-ului, insa nu ofera nicio posibilitate de reactivare a parolei (re-lock drive) dupa ce drive-ul a fost deblocat. In mod normal, dupa ce deblocam drive-ul prin introducerea parolei, singura metoda de a reactiva parola este sa restartam PC-ul / laptop-ul. O optiune, un buton de re-lock drive sau orice altceva care sa ajute la reactivarea parolei, lipseste din setarile acestui feature.
Daca dorim totusi sa reactivam parola unei partitii criptate cu BitLocker fara sa restartam calculatorul, exista o metoda simpla, insa putin cam incomoda.
How to re-lock a drive (hdd partition / USB drive / memory card) with BitLocker.
1. Deschidem Command Prompt (CMD) cu user-ul de Administrator. (Run as Administrator)
2. In Command Prompt tastam urmatoarea linie de comanda:
manage-bde -lock W:
“W:” reprezinta partitia / drive-ul pe care utilizam BitLocker si pe care dorim sa reactivam parola.
BitLocker Drive Encryption: Configuration Tool version 6.1.7600
Copyright (C) Microsoft Corporation. All rights reserved.
Volume W: is now locked
Dupa ce primim acest mesaj, inseamna ca partia a fost reparolata.
Lista de comenzi pentru management BitLocker din Command Prompt.
BitLocker Drive Encryption: Configuration Tool version 6.1.7600
Copyright (C) Microsoft Corporation. All rights reserved.
manage-bde[.exe] -parameter [arguments]
Description:
Configures BitLocker Drive Encryption on disk volumes.
Parameter List:
-status Provides information about BitLocker-capable volumes.
-on Encrypts the volume and turns BitLocker protection on.
-off Decrypts the volume and turns BitLocker protection off.
-pause Pauses encryption or decryption.
-resume Resumes encryption or decryption.
-lock Prevents access to BitLocker-encrypted data.
-unlock Allows access to BitLocker-encrypted data.
-autounlock Manages automatic unlocking of data volumes.
-protectors Manages protection methods for the encryption key.
-tpm Configures the computer’s Trusted Platform Module (TPM).
-SetIdentifier or -si
Configures the identification field for a volume.
-ForceRecovery or -fr
Forces a BitLocker-protected OS to recover on restarts.
-changepassword
Modifies password for a data volume.
-changepin Modifies PIN for a volume.
-changekey Modifies startup key for a volume.
-upgrade Upgrades the BitLocker version.
-ComputerName or -cn
Runs on another computer. Examples: “ComputerX”, “127.0.0.1”
-? or /? Displays brief help. Example: “-ParameterSet -?”
-Help or -h Displays complete help. Example: “-ParameterSet -h”
Examples:
manage-bde -status
manage-bde -on C: -RecoveryPassword -RecoveryKey F:
manage-bde -unlock E: -RecoveryKey F:84E151C1…7A62067A512.bek
Stealth Settings – How to re-lock a drive with bitlocker.