PC Rebuild time – remembering how to mount a bitlockered VHD

When your PC reaches the point that MSI cannot connect to the Install Service you know it is time to repave the PC. This is the time to you have to try remember what you installed on the PC, your license codes and how you actually got things to work.

So going through this process this week all went OK until I tried to remember how I handled bitlockered VHDs.

My PC does not have a TPM chip, but I wanted to bitlocker as much of my data as possible. The process to do this was as follows:

  • I created an empty folder c:projects
  • I opened Computer Manager, then Disk Management as an administrator.
  • Via the Actions menu I created a new VHD c:VHDsprojects.vhd
  • This will be mounted by default onto a drive letter, I changed this to mount it on a path (the one I created in step 1)

image

  • Then via the Disk Management tool I created a partition and then formatted the new disk.
  • I could then go onto the new disk by changing to the C:Projects directory
  • I now needed to bitlocker the new VHD drive. This is done via the Control Panel | loaded the Bitlocker Drive Encryption

image

  • As I had no TPM chip I have to encrypt the drive with a password.
  • So when this finishes I have my C:Projects directory this is a mount point for the bitlockered VHD

But I did not want to go into disk management each time I booted to attach the drive; but I did not want it automatically mounted as that defeats the purpose that I wanted a drive that could only be accessed via a password on a reboot..

To get around this I added a shortcut to the project.vhd file to my desktop. To be able to click this to attach the VHD I installed the vhdattach untility(http://www.jmedved.com/vhdattach/). This allowed me to right click the VHD shortcut and attached it, at which would I am prompted to enter the bitlock password for the VHD,.

So I now have a means attach my drive (fairly) easily even though I have no TPM chips. Just wish I had written down how I did it before so I did not have to work it out again.

It is not a perfect solution but at least my important data is bitlockered.