Crossposted using Lemmit.

Original post from /r/sysadmin by /u/42woba on 2023-07-07 07:30:37+00:00.

So in my company we started enabling BitLocker. Now when that is set up, how exactly does it work? Please help me understand. Every user has a windows log in password. So, if that user wants to use their laptop, they just have to enter their windows log in password. Where does bit locker come in handy then? (ofcourse if they “guess” your windows log in password correctly, they are in your laptop and there’s nothing you can do about it?) In the case if someone steals your laptop, they will need your windows login password which they won’t have right? So you’re covered there. After that, if they take the disk out and plug it in anywhere else, they will need a recovery key that you extracted to an external disk when setting up bitlocker?

Is that all there is to it?

Thanks