
Is Windows BitLocker useless?

Solved by Eigenvektor

You normally enable TPM before using Bitlocker. Bitlocker will then store its encryption key in this hardware module.

 

My guess would be that he had his encryption keys stored in TPM, before he disabled it. Windows could no longer decrypt the drive and asked for the recovery key. By (re-)enabling TPM, he made the encryption key available again, so Windows was able to boot without a recovery key.


1 minute ago, Eigenvektor said:

You normally enable TPM before using Bitlocker. Bitlocker will then store its encryption key in this hardware module.

 

My guess would be that he had his encryption keys stored in TPM, before he disabled it. Windows could no longer decrypt the drive and asked for the recovery key. By (re-)enabling TPM, he made the encryption key available again, so Windows was able to boot without a recovery key.

Oh, I didn't know about that. Is it automatically stored in the TPM? And I notice that before starting the encryption it always asks for TPM.
This picture is from the video. I have TPM.


3 minutes ago, Abiyar said:

Oh, I didn't know about that. Is it automatically stored in the TPM? And I notice that before starting the encryption it always asks for TPM.
This picture is from the video. I have TPM.

As it says in the dialog, you can use it without TPM if allowed, but it's not as secure. The TPM is a hardware module specifically designed to hold encryption keys in a way that should make them unrecoverable by a third-party. Otherwise Windows will have to store the key somewhere else (e.g. same disk). That makes them potentially accessible to someone else, if they put the drive into their own computer and use specific software tools.


13 minutes ago, Abiyar said:

I don't want to store it in TPM. By saying "using specific software tools", does that mean the encryption of BitLocker is breakable?

No, the encryption itself should not be breakable. But if someone can access your encryption key, they don't have to.

 

Same way a burglar doesn't have to break your door if they already have a key to your home.


On my travel PC that held "sensitive" data I used the group policies to enable other means of storing the key and used a USB drive for it. That way you can't boot the PC or access any data without me plugging the USB key in first.

3 hours ago, Abiyar said:

I want to use BitLocker to protect my C drive, but I watched a video of someone bypassing BitLocker without a key by just enabling TPM.

By default, BitLocker is not about preventing access to the drive in the PC it's in and with the OS it's used with; it's to prevent someone either physically stealing the drive and trying to read it in another machine, or booting a different OS on the machine the drive is in, from getting to the data.

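The thread turns on where the BitLocker key is kept (TPM, USB startup key, recovery key) and why disabling the TPM leads to a recovery prompt. The script below is an added example, not posted by anyone in the thread, that lists the key protectors on a volume and flags those two situations. It assumes the OS drive is `C:`, an elevated prompt, and the built-in `Get-BitLockerVolume` and `Get-Tpm` cmdlets.

```powershell
#Requires -RunAsAdministrator
# Added example: list the BitLocker key protectors on one volume and explain
# what each one needs before the volume unlocks.
param([string]$MountPoint = 'C:')   # assumption: the OS drive is C:

# What each protector type requires at unlock time.
$meaning = @{
    Tpm              = 'TPM only: unlocks automatically at boot on this machine'
    TpmPin           = 'TPM plus a PIN typed at boot'
    TpmStartupKey    = 'TPM plus a startup key on a USB drive'
    TpmPinStartupKey = 'TPM plus a PIN plus a USB startup key'
    ExternalKey      = 'Key file on a USB drive, no TPM involved'
    Password         = 'Password typed at boot, no TPM involved'
    RecoveryPassword = '48-digit recovery password (fallback)'
}

$volume = Get-BitLockerVolume -MountPoint $MountPoint
$tpm    = Get-Tpm

'Volume {0}: {1}, protection {2}' -f $volume.MountPoint,
    $volume.VolumeStatus, $volume.ProtectionStatus
'TPM present: {0}, ready: {1}' -f $tpm.TpmPresent, $tpm.TpmReady

# Collect protector type names as strings so they can be compared easily.
$types = @($volume.KeyProtector |
    ForEach-Object { $_.KeyProtectorType.ToString() })

foreach ($type in $types) {
    $note = if ($meaning.ContainsKey($type)) { $meaning[$type] }
            else { 'other protector type' }
    '  {0,-17} {1}' -f $type, $note
}

# A TPM-bound protector with the TPM switched off is the situation discussed
# in the thread: Windows cannot unseal the key and asks for the recovery key.
$usesTpm = [bool]($types -match '^Tpm')
if ($usesTpm -and -not $tpm.TpmReady) {
    Write-Warning 'TPM-based protector present but the TPM is not ready: expect a recovery prompt at boot.'
}

# Without a recovery password there is no fallback if the TPM or USB key is lost.
if ($types -notcontains 'RecoveryPassword') {
    Write-Warning 'No recovery password protector on this volume.'
}

# TPM-only means anyone who can boot this PC reaches the Windows logon screen
# with the volume already unlocked; a PIN or startup key adds a boot-time check.
if ($types -contains 'Tpm') {
    'Note: TPM-only protector in use; consider TpmPin or TpmStartupKey for a travel PC.'
}
```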
