0

So I noticed that with hardware TPM you don't need a password (you just save the private key to external USB). Now, imagine someone stole my PC (which has the TPM hardware on it), couldn't they just install a fresh copy of Windows 10 on a new hard drive, connect my old drive that was protected with bitcopy as a secondary drive, and access all my data?

Because the TPM hardware module is still on the same motherboard. Remember, they didn't just steal the HDD but the whole PC.

Thanks for reading,

Sean

born2net

1 Answer

0

https://learn.microsoft.com/en-us/windows/device-security/bitlocker/bitlocker-frequently-asked-questions#bkmk-deploy

What system changes would cause the integrity check on my operating system drive to fail?

The following types of system changes can cause an integrity check failure and prevent the TPM from releasing the BitLocker key to decrypt the protected operating system drive:

  • Moving the BitLocker-protected drive into a new computer.
  • Installing a new motherboard with a new TPM.
  • Turning off, disabling, or clearing the TPM.
  • Changing any boot configuration settings.
  • Changing the BIOS, UEFI firmware, master boot record, boot sector, boot manager, option ROM, or other early boot components or boot configuration data.
bgilc
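The integrity check quoted in the answer, as a simplified model added here (it is not part of the answer and not Microsoft's code): the TPM extends a hash of each boot component into a PCR and releases the sealed key only when the resulting value equals the one recorded at sealing time. The component strings and the names `ToyTPM`, `extend` and `measure_boot` are constructed for illustration; a real TPM uses several PCRs and never exposes the stored secret to a simple comparison like this.

```python
import hashlib
import hmac

PCR_RESET = bytes(32)  # a PCR starts at all zeros on platform reset

def extend(pcr: bytes, component: bytes) -> bytes:
    """TPM-style extend: new PCR = SHA-256(old PCR || SHA-256(component))."""
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()

def measure_boot(chain) -> bytes:
    """Fold every boot component, in order, into one PCR value."""
    pcr = PCR_RESET
    for component in chain:
        pcr = extend(pcr, component)
    return pcr

class ToyTPM:
    """Toy stand-in for sealing: stays on the motherboard, checks the PCR."""
    def __init__(self):
        self._secret = None
        self._expected_pcr = None

    def seal(self, secret: bytes, expected_pcr: bytes) -> None:
        self._secret, self._expected_pcr = secret, expected_pcr

    def unseal(self, current_pcr: bytes):
        # Release the key only if this boot measured exactly as at seal time.
        if hmac.compare_digest(current_pcr, self._expected_pcr):
            return self._secret
        return None

# Constructed sample boot chains (labels only, not real measurements).
ORIGINAL_CHAIN = [b"uefi firmware", b"boot manager on protected drive",
                  b"boot configuration data (original)"]
FRESH_INSTALL_CHAIN = [b"uefi firmware", b"boot manager on new drive",
                       b"boot configuration data (fresh install)"]
VOLUME_KEY = b"constructed-volume-key"

def demo():
    tpm = ToyTPM()
    tpm.seal(VOLUME_KEY, measure_boot(ORIGINAL_CHAIN))
    return {
        "original boot": tpm.unseal(measure_boot(ORIGINAL_CHAIN)),
        "fresh install, same TPM": tpm.unseal(measure_boot(FRESH_INSTALL_CHAIN)),
    }

if __name__ == "__main__":
    for boot, key in demo().items():
        print(f"{boot}: {'key released' if key else 'key withheld'}")
```

Because each extend hashes the previous PCR value, software that boots later cannot rewind the register to the sealed value; it can only extend it further.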