Should Recovery Drive be Encrypted by Bitlocker?

Discussion in 'Windows Vista Security' started by glr, May 16, 2009.

  1. glr

    glr Guest

    My Dell does not have TPM. I am using bitlocker with a USB.

    I notice that the Recovery drive is neither protected nor eligible to be
    protected. I am wondering whether this is a weakness in my protection.

    Thanks for anyone's' insight
    glr, May 16, 2009
    1. Advertisements

  2. glr

    Charlie Tame Guest

    I would say it's not a problem, as long as you do not store any data on
    it. I am assuming here that you mean a recovery drive as installed by
    your PC maker in order to restore your system in the event of a disaster.

    All that should be on there is a copy of Windows as it was when you got
    the machine and various utilities from the PC maker, what could a thief
    or spy gain from that?

    Of course if the disaster ever happens and you have to use it then it
    will lose all your encrypted stuff because it will reformat your system
    drive, so encrypted or not you need to back up your data to something
    else, ideally something that is not an integral part of the computer.

    Sorry if I am misunderstanding your question.
    Charlie Tame, May 16, 2009
    1. Advertisements

  3. glr

    glr Guest

    You are on the right track. I think I should have phrased my question
    better. The proper question is perhaps, does the Recovery partition on my
    Vista machine include any confidential data?

    No I do not use it for backup purposes but I think the drive was modified by
    the Bitlocker Drive Preparation Tool when I established Bitlocker.
    glr, May 16, 2009
  4. glr

    Charlie Tame Guest

    Okay, that will help get other opinions.

    The OEM install should not, there may be something to identify "The
    Computer" but not you personally because the OEM did not know who was
    going to buy it.

    However if you used it for anything I guess you could have put something
    on there by accident. I can't see Bitlocker doing that but who really
    knows what the other organizations like NSA is capable of these days?

    I guess my opinion is that it would take a pretty good expert to get
    anything from the Recovery Partition if you didn't put anything there.
    Charlie Tame, May 17, 2009
  5. glr

    tanuj_chadha Guest

    The recovery partition does not contain any confidential data. it is
    there on the system for a complete re-install / back to day 1 settings.



    History repeats itself, first as tragedy, second as farce. - Karl
    Marx :geek:
    tanuj_chadha, May 17, 2009
  6. Bitlocker is used as a security device to encrypt your system against
    'unauthorised' access. As your recovery drive contains only an image of your
    installed operating system and no identifiable (to you anyway) information I
    certainly would not be inclined to encrypt the recovery partition. If you
    loose the encryption key or misplace the printed key version you will not
    only be unable to access your system but you will also not be able to
    reinstall the operating system from the recovery partition - well not unless
    you have created a manufacturer's recover disc.


    John Barnett MVP
    Windows XP Associate Expert
    Windows Desktop Experience


    The information in this mail/post is supplied "as is". No warranty of any
    kind, either expressed or implied, is made in relation to the accuracy,
    reliability or content of this mail/post. The Author shall not be liable for
    any direct, indirect, incidental or consequential damages arising out of the
    use of, or inability to use, information or opinions expressed in this
    John Barnett MVP, May 18, 2009
  7. Also, where encryption is concerned, it is generally not a good idea to
    encrypt "known" data with the same key as the rest of the protected
    Knowing what should be in the recovery partition can aid the bad guys in
    deciphering the ciphertext version and discovering the key used.
    FromTheRafters, May 18, 2009
  8. If one uses Acronys True Image you can attach a password to an OS system
    backup image file. That's better than no security at all and prevents a
    virus from being able to infect it.
    the world according to me, Jul 1, 2009
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.