[X] Be able to enter bitlocker PIN using on-screen keyboard - NOT POSSIBLE

keyboard
bitlocker

#1

If you secure your drive using Bitlocker, Microsoft recommend that you use a PIN on boot to decrypt the drive:

At the moment, you can only enter the PIN on boot-up using the V keyboard attached using its pogo pins (bluetooth is not possible) or a USB keyboard. Therefore, if you use bitlocker with PIN, you cannot unlock the machine if you don’t have the keyboard with you.

The surface pro (and many other detachables) include an on-screen keyboard on boot to unlock bitlocker, as shown:

I recommend that the V includes an on-screen keyboard for Bitlocker like other detachables, so such users are not obliged to always carry their keyboard.

[As an aside, this is pre-boot so it is something that needs to be set in the BIOS - it can’t be fixed with a Windows setting]


#2

where is the like button? why can’t I like this post?


#3

Need to vote above the post


[Summary] Software Improvements Progress (keep updating)
#4

Well, this would require a touch-driver in UEFI, which Eve is… how do I say that nicely?.. not very keen to implement.


#5

image

Click Vote!!!


#6

Also in my humble opinion, for 2-in-1 device BitLocker is an overkill…as it becomes an extra step to hurdle through to start/access your laptop…:sweat_smile:


#7

but would the argument be not the other way around: because it is a 2in1 it needs more protection because it is easier removed out of your hands? e.g. when you are travelling or so?
When I am on the go more people get potentially access to my V, than people get access to my desktop.
Or do I make a mistake in my thinking?


#8

I was thinking other way around, for me, EVE’s V falls under mobile device category, so would I give access to my mobile to people around me, NO.

Would i like my V to open and be straight at the work? YES,
Will BitLocker provide me an additional puzzle to solve before I get access and start to work? YES,

So, its my way of thinking that i don’t need this, for now (as of 18th Dec 2017).


#9

I do understand, but how often do you have to enter the Bitlocker-Code? Every time starting the V or only after shut down or restart?


#10

I very, very strongly disagree on this.
This feature is actually what makes the difference between limiting the device to “most consumers” versus opening it to “all consumers and businesses”.

I am very interested myself in this particular feature. I believe I have a “sub-optimal” workaround for the moment, but I’d much rather not having to use any workaround.


#11

After shutdown/restart.

When resuming from sleep, there’s only your usual Windows password.


#12

It’s also required when resuming from hibernation. If I know I am travelling, I’ll put the PC in hibernation to ensure the pin is required on start.


#13

if we change the sign-in settings to require sign-in every time, combined with our fingerprint reader, wouldn’t that mean we can unlock V the same way we unlock our phones? no more dealing with lengthy waking up from hibernation


#14

The problem that BitLocker’s cryptography attempts to solve is different than the one that wake-up locking tries to solve.

Cryptography attempts to address what happens when the device is booted from some external source or when the storage drive is removed from the device in order to inspect the data. If the drive is not encrypted, the data can be inspected.


#15

correct me if I’m false, but if I pack my actual Laptop in my pocket I take of the Display, not shut down… and if I want to take it on, I normaly have to type in my Password in the Windows 10 Interface… So I don’t know if I understand right, but there absolutly have to be a on Display Tastatur if it is in tablet mode…

so in Case u have a on Display Tastatur I don’t understand why all of you want another Programm (bloatware???) on your v


#16

because Bitlocker will ask for a PW BEFORE entering windows…


#17

When you put your device on sleep, the processor is put in a special state and all the data in RAM is preserved where it is. Power is not cut off completely from RAM or processor and it’s instead so low that the device can remain in that state for several days. When you wake it up, since the RAM is still filled with the data it had when you put it to sleep, the Operating System is already fully loaded and as a matter of fact you are still logged-in. As a result, the software keyboard provided by Windows is available as well as all other Operating System features.

On the other hand, when the device is put in Hibernate or turned off for any reason, all data in RAM is wiped as consequence of the power-loss and the processor turned off completely, as well as all peripherals. As a result, turning it on will require the OS to be loaded back to RAM from mass storage (the SSD) and once startup has completed you’ll have to login again.

Bitlocker is a very lightweight piece of software that is run BEFORE the Operating System loads and it acts as an intermediary between the SSD and the RAM, decrypting all data coming from the SSD and encrypting all data sent to the SSD, which includes the Operating System code itself. Being so small and lightweight, it doesn’t have a virtual keyboard and as a result if you turn on BitLocker (or any other known encryption suite, as far as I know) either you have a physical keyboard available or you won’t be able to type the password that will then allow the Operating System to load.

The virtual keyboard proposed here (which could be as simple as a plain US keyboard with no other locale) would not be implemented as a program running on top of the Operating System but rather as a feature embedded with the UEFI/BIOS (which is initialised before BitLocker). It would not be installed like a normal software and would not affect performance or available storage in any way, nor would it be possible to remove it by wiping the SSD. In other words, it wouldn’t be bloatware but a BIOS feature, like Surface Pro and by now probably other tablets have.


#18

Xinjie has written on the 15 Jan:

Obiviously, this is extremely disapointing. Given the number of votes for this, this will potentially hurt sales, particularly for business users.

I’m surprised about the answer because many other detachable Windows tablets have this feature - and it was implemented as a BIOS update for some of these, such as for an earlier version of the Surface Pro

@Xinjie, could you ask Emdoor to provide an explanation as to why its impossible for the V?


#19

That’s too bad. I was really hoping they could do something about it.

Aside from my personal hopes, as @Phil said this could potentially hurt sales for business users, which are the most cost-effective to handle for a company and also a represent huge market.

I would recommend to implement it in a future revision of the product.