I have questions and posted this on other forums and im getting different answers to this and want opinion here.
I have a dell xps 15 9550 laptop. Windows 10 pro with 8gb ram and 250gb ssd. Its a i5-6300hq processor bought a few years ago.
I want to secure my computer where
1. If a thief has physical access to my laptop, they cannot view whats in my hard drive.
2. Bigger concern is if a thief or hacker has access to my laptop... then puts malware/keylogger/trojan on it and then leave it as is... then i use the computer and log into keepass, email etc and now my computer is compromised.
I was told use either bitlocker or veracrypt for this. People suggested bitlocker because more ppl use it and because its already built into windows 10 pro. I did the installation by following a guide online at first and someone else help on a forum. The issue comes when i want to set it up where you have to put a password at boot. I followed steps and it only give me option to put a pin. I didn't like this because it would be numbers... i thought couldn't someone trial and error it by entering numbers? So i didn't do this. Someone then told me cancel that and set it up with TPM unlock. I did this... then i notice i do not put any password at all at boot or anything. He tells me most ppl do this. Then i said how is that safe? It goes straight to computer. He says you have your windows10 password. I told him i put one because i heard that can be bypassed easily. So i put a windows 10 password. As of now, when i turn on my laptop, it goes straight to my win10 password screen. I have to enter my password to log into my laptop.
1. At the moment, is my laptop secure or not? One person said absolutely not because you didn't set a bitlocker pin or password at boot. If it go straight to win10 password, that can be bypassed. Is that true or false? However, my hard drive is encrypted. So how in the world could it be not secure then?
2. Two people told me i have to secure bios with a password and disable usb boot. They said it had to do with if someone has access to your hard drive and put it on another computer. So doing that prevents this. So is having bios secure with a password necessary? What about usb boot? The thing is if someone has my laptop, they cant view my hard drive on my laptop then? Could they put malware or keylogger on it via usb stick if they do not have my windows 10 password?
3. One person told me his setup is very similar to mine... no bitlocker pin or password at boot. He has bitlocker encrypted with TPM unlock just like me. But instead of a win10 password, he has a windows 10 pin. He says its more secure. So he says his computer is secure. So is he right here? He says... how can it be possible hard drive is not secure since its already encrypted? That makes sense. But who is correct here?
I have a dell xps 15 9550 laptop. Windows 10 pro with 8gb ram and 250gb ssd. Its a i5-6300hq processor bought a few years ago.
I want to secure my computer where
1. If a thief has physical access to my laptop, they cannot view whats in my hard drive.
2. Bigger concern is if a thief or hacker has access to my laptop... then puts malware/keylogger/trojan on it and then leave it as is... then i use the computer and log into keepass, email etc and now my computer is compromised.
I was told use either bitlocker or veracrypt for this. People suggested bitlocker because more ppl use it and because its already built into windows 10 pro. I did the installation by following a guide online at first and someone else help on a forum. The issue comes when i want to set it up where you have to put a password at boot. I followed steps and it only give me option to put a pin. I didn't like this because it would be numbers... i thought couldn't someone trial and error it by entering numbers? So i didn't do this. Someone then told me cancel that and set it up with TPM unlock. I did this... then i notice i do not put any password at all at boot or anything. He tells me most ppl do this. Then i said how is that safe? It goes straight to computer. He says you have your windows10 password. I told him i put one because i heard that can be bypassed easily. So i put a windows 10 password. As of now, when i turn on my laptop, it goes straight to my win10 password screen. I have to enter my password to log into my laptop.
1. At the moment, is my laptop secure or not? One person said absolutely not because you didn't set a bitlocker pin or password at boot. If it go straight to win10 password, that can be bypassed. Is that true or false? However, my hard drive is encrypted. So how in the world could it be not secure then?
2. Two people told me i have to secure bios with a password and disable usb boot. They said it had to do with if someone has access to your hard drive and put it on another computer. So doing that prevents this. So is having bios secure with a password necessary? What about usb boot? The thing is if someone has my laptop, they cant view my hard drive on my laptop then? Could they put malware or keylogger on it via usb stick if they do not have my windows 10 password?
3. One person told me his setup is very similar to mine... no bitlocker pin or password at boot. He has bitlocker encrypted with TPM unlock just like me. But instead of a win10 password, he has a windows 10 pin. He says its more secure. So he says his computer is secure. So is he right here? He says... how can it be possible hard drive is not secure since its already encrypted? That makes sense. But who is correct here?