Reference Guide

Manage Policies
BitLocker recovery for
access.
To use this policy,
Require Additional
Authentication at
System Startup must be
set to Selected.
Configure TPM Startup Allow
Do Not Allow
Require
Allow
On computers with a
compatible TPM, three
types of
authentication
are supported. Only one
of the following can be
required or allowed:
Configure TPM Startup
PIN
Configure TPM Startup
Key
Configure TPM Startup
Key and PIN
To use this policy,
Require Additional
Authentication at
System Startup must be
set to Selected.
Configure TPM Startup
PIN
Allow
Do Not Allow
Require
Allow
To use this policy,
Require Additional
Authentication at
System Startup must be
set to Selected.
This type of
authentication involves
the entry of a 4-digit
to 20-digit personal
identification number
(PIN).
Configure TPM Startup
Key
Do Not Allow
Do Not Allow
Require
Allow
To use this policy,
Require Additional
Authentication at
System Startup must be
set to Selected.
This type of
authentication involves
insertion of a USB
drive containing the
startup key.
128