Transcription
16/17BitLocker Encryption – User GuideThis document provides guidance for users ofthe BitLocker Encryption software installed onUniversity of Wolverhampton managed staffdevices as part of the Information SecurityProject 2016/17 rollout.Further guidance and assistance can be obtainedby contacting the ITS Service Desk (ext.2000).
BitLocker Encryption – User Guide 16/17TABLE OF CONTENTSDesktop BitLocker Encryption – Process . 2Laptop BitLocker Encryption – Process. 5Laptop BitLocker Encryption - Logon . 9Laptop BitLocker Encryption - Lost / Forgotten PIN . 10Contacting the ITS Service Desk. 10Access BitLocker Self-Service Portal . 11BitLocker PIN Reset . 13Shared Laptop BitLocker Encryption Process . 15Page 1Authors: Steve Hill & Mita Patel
BitLocker Encryption – User Guide 16/17DESKTOP BITLOCKER ENCRYPTION – PROCESSBitLocker hard drive encryption will be scheduled for activation on your device as part of a planned rollout toall staff laptops. The following screen will be displayed allowing the process to begin:You can select thePostpone option todelay theencryptionprocess, howeverafter a period of 21days have passedthe Postponebutton willdeactivate and youwill only have theoption to start theprocess1) Select Start to commence the process and the following Configuration – Restart Required screen willbe displayedThis screen tellsyou that whenyour computer isrestarted you willneed to enable adevice change toallow BitLockerdrive encryptionprocess tocontinue2) Select Restart NowPage 2Authors: Steve Hill & Mita Patel
BitLocker Encryption – User Guide 16/173) Upon a restart you may be presented with a similar screen to one show below, follow the instructionsprovided on the screen to continue the process of encrypting your device:4) When you log back in the encryption process will have started for which you will be presented withthe following screen:YOU MAYClose this windowand the encryptionprocess willcontinue in thebackground.Continue using thedevice whilstencryption is takingplace.Shutdown andrestart your deviceas required. Theprocess willcontinue next timethe device isPage 3Authors: Steve Hill & Mita Patel
BitLocker Encryption – User Guide 16/17How long this takes is dependent on various factors including: 5)The size of the hard driveThe amount of data stored on the diskThe age of the machineYou will see with one of the following prompts when the encryption process has successfullycompleted:Click CloseORClick ExitPage 4Authors: Steve Hill & Mita Patel
BitLocker Encryption – User Guide 16/17LAPTOP BITLOCKER ENCRYPTION – PROCESS*Ensure your laptop is connected via the mains power before continuingBitLocker hard drive encryption will be scheduled for activation on your device as part of a planned rollout toall staff laptops. The following screen will be displayed allowing the process to begin and will appear every 90minutes if postponed.You can selectthe Postponeoption to delaythe encryptionprocess,however after aperiod of 21days havepassed thePostpone buttonwill deactivateand you will onlyhave the optionto start theprocess1) Select Start to commence the process and the following Configuration – Restart Required screen will bedisplayedThis screen tellsyou that whenyour computer isrestarted you willneed to enable adevice change toallow BitLockerdrive encryptionprocess tocontinue2) Select Restart NowPage 5Authors: Steve Hill & Mita Patel
BitLocker Encryption – User Guide 16/173) After your laptop restarts a screen similar to the following will be presented:4) BitLocker is requesting permission to make the required configuration changes to your laptop, press F10to allow the changes to be made.5) Your device will restart and load Windows, when it has done this log into your device as normal.6) Once you have logged onto your laptop you will be prompted with the Configuration – Welcome Backscreen:If you would liketo learn moreabout BitLockerthere are twolinks provided forfurtherinformationnamelyComputerSecurity Policyand BitLockerOverview.7) Select Next to proceedPage 6Authors: Steve Hill & Mita Patel
BitLocker Encryption – User Guide 16/178) You will be presented with the following Configuration – Create PIN for C: screen:This screen willguide you increating aBitLocker PIN9) Please enter a numeric 4-digit PIN in both fieldsNOTE: repeating numbers such as 1111 or sequential numbers such as 1234 are NOT allowed10) Click Create PIN and the encryption process will begin as per the following screenshot:YOU MAYClose this windowand the encryptionprocess willcontinue in thebackground.Continue using thedevice whilstencryption is takingplace.Shutdown andrestart your deviceas required. Theprocess willcontinue next timethe device isPage 7Authors: Steve Hill & Mita Patel
BitLocker Encryption – User Guide 16/1711) How long this takes is dependent on various factors including: The size of the hard drive The amount of data stored on the disk The age of the machine12) You will see with one of the following prompts when the encryption process has successfully completed:Click CloseORClick ExitPage 8Authors: Steve Hill & Mita Patel
BitLocker Encryption – User Guide 16/17LAPTOP BITLOCKER ENCRYPTION - LOGONOnce your laptop has been encrypted, every time you power on you will be presented with the WindowsBitLocker Drive Encryption PIN Entry screen, as shown here:Enter your PIN tocontinue start-upof your deviceIf you input an incorrect PIN the laptop will display the Windows BitLocker Drive Encryption PIN Incorrectscreen:This screen istelling you thatyou have enteredan incorrect PINTry again by pressing Enter or select ESC to go through to recovering your PINPage 9Authors: Steve Hill & Mita Patel
BitLocker Encryption – User Guide 16/17LAPTOP BITLOCKER ENCRYPTION - LOST / FORGOTTEN PINIf you are unable to logon at this point don’t worry, you will need to enter a BitLocker Recovery Key which youcan obtain in one of the following ways: By accessing the BitLocker Self-Service Portal, if you have another device available to accessBy contacting the ITS Service DeskYou will be presented with the Windows BitLocker Drive Encryption Recovery Key Entry screen:You will need togive the first 8digits of RecoveryKey ID when youcontact the ITSService Desk orthe BitLocker SelfService portalCONTACTING THE ITS SERVICE DESKWhen you contact the ITS Service Desk requesting a recovery key for your laptop they will ask you for thefollowing: Your usernameThe first 8-digits of your recovery key ID (as per screenshot above)They will give you a 48-digit code which you will need to enter as per below:Page 10Authors: Steve Hill & Mita Patel
BitLocker Encryption – User Guide 16/17ACCESS BITLOCKER SELF-SERVICE PORTALIf you have forgotten your PIN and have access to another device with a web browser, you can use the SelfService Portal at https://mblweb.unv.wlv.ac.uk/SelfService to get a recover key which will enable you to accessyour laptop.The Self-Service Portal can be accessed both on and off-campus via a Web browser.Select I haveread andunderstand theabove noticeand selectContinue1) You will then be displayed with the Get a BitLocker Recovery Key page:Enter the firsteight digits of theRecovery Key IDfrom the deviceyou are accessing.Select a ReasonSelect Get KeyPage 11Authors: Steve Hill & Mita Patel
BitLocker Encryption – User Guide 16/172) This will create your 48-digit BitLocker Recovery Key.3) Enter this code into your device at the BitLocker Drive Encryption Recovery Key Entry screen:4) When you have entered the last digit of the code your device will continue to boot into Windows.REMEMBER.!Now you have regained access to your device you should reset your PIN beforerestarting or shutting down.Please go to the BitLocker PIN Reset section of this documentPage 12Authors: Steve Hill & Mita Patel
BitLocker Encryption – User Guide 16/17BITLOCKER PIN RESETResetting your PIN is a simple process with only two steps required on your laptop:1) Upon successful log onto your laptop, open Control Panel by selecting Start Control Panel:2) Change the view of your control panel to small icons if required:3) Select BitLocker Encryption Options.Page 13Authors: Steve Hill & Mita Patel
BitLocker Encryption – User Guide 16/174) You will see the following screen, select Manage your PIN.5) At the Reset Your PIN screen, enter a new PIN in both fields provided and select Reset PIN.6) Your PIN has now been reset and you will be prompted for this new PIN next time your device is restarted.Page 14Authors: Steve Hill & Mita Patel
BitLocker Encryption – User Guide 16/17SHARED LAPTOP BITLOCKER ENCRYPTION PROCESSShared laptops will follow similar steps to Desktop encryption, users will be prompted to encrypt the device byfollowing the on-screen instructions.If a shared laptop has already been setup with a PIN from previous methods of encryption the device wouldneed to be re-imaged to allow encryption without a PIN.PLEASE NOTE: Users are reminded that in no circumstances should personal or commercial sensitive data bestored on shared laptops. Storage of such data on shared devices is a breach of University policy.Page 15Authors: Steve Hill & Mita Patel
Once your laptop has been encrypted, every time you power on you will be presented with the Windows BitLocker Drive Encryption PIN Entry screen, . Enter this code into your device at the BitLocker Drive Encryption Recovery Key Entry screen: 4) When you have entered the last digit of the code your device will continue to boot into Windows .
