“Is there a Bitlocker for Mac? My Windows computer is out of work! And the USB flash drive is unlocked with BitLocker that unable to use it anymore.”
Some people run into the situation above, where the Mac computer doesn't recognize the BitLocker drive. So, today we are going to show you two effective ways to use a BitLocker drive on Mac.
You can use or access a BitLocker-encrypted drive on Mac OS X or macOS, with or without data loss.
To access a BitLocker drive on Mac OS X, first connect the drive to a Windows computer, then go to Control Panel > System and Security > BitLocker Drive Encryption and turn off BitLocker encryption on the drive. If you cannot find any Windows machine, you have to use a third-party utility to access the BitLocker drive.
Generally, BitLocker for Mac software is a tool that helps you mount Windows BitLocker-encrypted drives on Mac, bridging the gap between Windows and Mac while keeping data secure. It allows you to open, read and write to BitLocker-encrypted drives, including external hard drives, USB flash drives, and SD cards, and also supports NTFS and exFAT.
Cocosenor MacOS Bitlocker Reader is a wonderful tool that can unlock a BitLocker-encrypted drive on Mac with the BitLocker password and recovery password. It can open, read and write a BitLocker-encrypted drive on a Mac computer, so data on the encrypted drive can be read and written easily, and files and folders can be transferred between the BitLocker drive and the Mac computer.
Option 1: Use BitLocker drive on Mac with BitLocker Genius
A powerful tool such as iSunshare BitLocker Genius can help you open, read, and write to a BitLocker drive without any data damage. However, before using BitLocker Genius, these conditions must be met:
- Correct password or 48-digit recovery key;
- A Mac computer;
- BitLocker encrypted drive.
Four Steps to access BitLocker drive on Mac with BitLocker Genius
Step 1: Download iSunshare BitLocker Genius to your Mac computer and launch it.
Step 2: Insert your BitLocker drive and click on Ignore if “The disk you inserted was not readable by this computer” error shows you.
Step 3: Select the partition with BitLocker and click on the Unlock button.
Step 4: Type your password if you remember it. Otherwise, you can use the recovery key to unlock the BitLocker drive instead. The BitLocker drive then mounts automatically once it is unlocked.
Option 2: Use BitLocker drive on Mac with Disk Utility
This workaround is simpler than the previous one, but the drawback is that you will lose the files saved on the BitLocker drive. If you are willing to remove all data, follow the steps below to re-use the BitLocker drive on Mac with the help of Disk Utility.
Step 1: Open Disk Utility from Dock.
Step 2: Select the target BitLocker drive and click on the Erase button.
Step 3: Select an appropriate format and click Erase.
Use Intune to configure BitLocker Drive Encryption on devices that run Windows 10.
BitLocker is available on devices that run Windows 10 or later. Some settings for BitLocker require the device have a supported TPM.
Use one of the following policy types to configure BitLocker on your managed devices:
Endpoint security disk encryption policy for Windows 10 BitLocker. The BitLocker profile in Endpoint security is a focused group of settings that is dedicated to configuring BitLocker.
View the BitLocker settings that are available in BitLocker profiles from disk encryption policy.
Device configuration profile for endpoint protection for Windows 10 BitLocker. BitLocker settings are one of the available settings categories for Windows 10 endpoint protection.
View the BitLocker settings that are available for BitLocker in endpoint protection profiles from device configuration policy.
Tip
Intune provides a built-in encryption report that presents details about the encryption status of devices, across all your managed devices. After Intune encrypts a Windows 10 device with BitLocker, you can view and retrieve BitLocker recovery keys when you view the encryption report.
You can also access important information for BitLocker from your devices, as found in Azure Active Directory (Azure AD).
Permissions to manage BitLocker
To manage BitLocker in Intune, your account must have the applicable Intune role-based access control (RBAC) permissions.
The following are the BitLocker permissions, which are part of the Remote tasks category, and the built-in RBAC roles that grant the permission:
- Rotate BitLocker Keys
  - Help Desk Operator
Create and deploy policy
Use one of the following procedures to create the policy type you prefer.
Create an endpoint security policy for BitLocker
Sign in to the Microsoft Endpoint Manager admin center.
Select Endpoint security > Disk encryption > Create Policy.
Set the following options:
- Platform: Windows 10 or later
- Profile: BitLocker
On the Configuration settings page, configure settings for BitLocker to meet your business needs.
If you want to enable BitLocker silently, see Silently enable BitLocker on devices in this article for additional prerequisites and the specific setting configurations you must use.
Select Next.
On the Scope (Tags) page, choose Select scope tags to open the Select tags pane to assign scope tags to the profile.
Select Next to continue.
On the Assignments page, select the groups that will receive this profile. For more information on assigning profiles, see Assign user and device profiles.
Select Next.
On the Review + create page, when you're done, choose Create. The new profile is displayed in the list when you select the policy type for the profile you created.
Create a device configuration profile for BitLocker
Sign in to the Microsoft Endpoint Manager admin center.
Select Devices > Configuration profiles > Create profile.
Set the following options:
- Platform: Windows 10 and later
- Profile type: Endpoint protection
Select Settings > Windows Encryption.
Configure settings for BitLocker to meet your business needs.
If you want to enable BitLocker silently, see Silently enable BitLocker on devices in this article for additional prerequisites and the specific setting configurations you must use.
Select OK.
Complete configuration of additional settings, and then save the profile.
Manage BitLocker
To view information about devices that receive BitLocker policy, see Monitor disk encryption. You can also view and retrieve BitLocker recovery keys when you view the encryption report.
Silently enable BitLocker on devices
You can configure a BitLocker policy that automatically and silently enables BitLocker on a device. That means that BitLocker enables successfully without presenting any UI to the end user, even when that user isn't a local Administrator on the device.
Device Prerequisites:
A device must meet the following conditions to be eligible for silently enabling BitLocker:
- If end users log in to the devices as Administrators, the device must run Windows 10 version 1803 or later.
- If end users log in to the devices as Standard Users, the device must run Windows 10 version 1809 or later.
- The device must be Azure AD Joined
- Device must contain TPM (Trusted Platform Module) 2.0
- The BIOS mode must be set to Native UEFI only.
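A local check of the device prerequisites above, as an added example that is not part of the original article or of Microsoft's tooling. The function name `Test-SilentBitLockerPrereq` is hypothetical; builds 17134 and 17763 are the build numbers of Windows 10 versions 1803 and 1809, and a UEFI boot is used as an approximation of "Native UEFI only".

```powershell
# Added example: evaluates the silent-enable device prerequisites on the local machine.
# Run in an elevated Windows PowerShell session (reading Win32_Tpm needs administrator rights).

function Test-SilentBitLockerPrereq {   # hypothetical helper name
    param(
        [int]    $OsBuild,          # Win32_OperatingSystem.BuildNumber
        [string] $TpmSpecVersion,   # Win32_Tpm.SpecVersion, e.g. "2.0, 0, 1.38"; empty if no TPM
        [string] $FirmwareType,     # "Uefi" or "Bios" from Get-ComputerInfo
        [bool]   $AzureAdJoined,
        [switch] $StandardUser      # set when end users are not local Administrators
    )
    # Windows 10 1803 = build 17134 (admin users), 1809 = build 17763 (standard users)
    $minBuild = if ($StandardUser) { 17763 } else { 17134 }
    $failures = @()

    if ($OsBuild -lt $minBuild) { $failures += "OS build $OsBuild is below required build $minBuild" }
    if (-not $AzureAdJoined)    { $failures += 'Device is not Azure AD joined' }

    # The first comma-separated field of SpecVersion is the TPM specification version
    $tpmSpec = ($TpmSpecVersion -split ',')[0].Trim()
    if ($tpmSpec -ne '2.0')     { $failures += "TPM 2.0 not found (reported: '$TpmSpecVersion')" }

    # Booted-in-UEFI is necessary; it does not prove legacy/CSM support is disabled in firmware
    if ($FirmwareType -ne 'Uefi') { $failures += "Firmware mode is '$FirmwareType', not UEFI" }

    [pscustomobject]@{ Eligible = ($failures.Count -eq 0); Failures = $failures }
}

# Collect the facts from the local device
$os  = Get-CimInstance -ClassName Win32_OperatingSystem
$tpm = Get-CimInstance -Namespace 'root/cimv2/Security/MicrosoftTpm' -ClassName Win32_Tpm `
           -ErrorAction SilentlyContinue
$fw  = (Get-ComputerInfo -Property BiosFirmwareType).BiosFirmwareType
$aad = [bool]((dsregcmd.exe /status) -match 'AzureAdJoined\s*:\s*YES')

# Assumes the stricter case: end users sign in as Standard Users
Test-SilentBitLockerPrereq -OsBuild $os.BuildNumber -TpmSpecVersion $tpm.SpecVersion `
    -FirmwareType "$fw" -AzureAdJoined $aad -StandardUser
```

The returned object lists every failed prerequisite, so a device that misses more than one condition is reported in a single pass.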
BitLocker policy configuration:
The following two settings for BitLocker base settings must be configured in the BitLocker policy:
- Warning for other disk encryption = Block.
- Allow standard users to enable encryption during Azure AD Join = Allow
The BitLocker policy must not require use of a startup PIN or startup key. When a TPM startup PIN or startup key is required, BitLocker can't silently enable and requires interaction from the end user. This requirement is met through the following three BitLocker OS drive settings in the same policy:
- Compatible TPM startup PIN must not be set to Require startup PIN with TPM
- Compatible TPM startup key must not be set to Require startup key with TPM
- Compatible TPM startup key and PIN must not be set to Require startup key and PIN with TPM
View details for recovery keys
Intune provides access to the Azure AD blade for BitLocker so you can view BitLocker Key IDs and recovery keys for your Windows 10 devices, from within the Intune portal. To be accessible, the device must have its keys escrowed to Azure AD.
Sign in to the Microsoft Endpoint Manager admin center.
Select Devices > All devices.
Select a device from the list, and then under Monitor, select Recovery keys.
Hit Show Recovery Key. Selecting this will generate an audit log entry under 'KeyManagement' activity.
When keys are available in Azure AD, the following information is available:
- BitLocker Key ID
- BitLocker Recovery Key
- Drive Type
When keys aren't in Azure AD, Intune will display No BitLocker key found for this device.
Information for BitLocker is obtained using the BitLocker configuration service provider (CSP). BitLocker CSP is supported on Windows 10 version 1703 and later, and for Windows 10 Pro version 1809 and later.
For more information on Audit Log entries, see Azure Portal audit logs.
Rotate BitLocker recovery keys
You can use an Intune device action to remotely rotate the BitLocker recovery key of a device that runs Windows 10 version 1909 or later.
Prerequisites
Devices must meet the following prerequisites to support rotation of the BitLocker recovery key:
Devices must run Windows 10 version 1909 or later
Azure AD-joined and Hybrid-joined devices must have support for key rotation enabled via BitLocker policy configuration:
- Client-driven recovery password rotation to Enable rotation on Azure AD-joined devices or Enable rotation on Azure AD and Hybrid-joined devices
- Save BitLocker recovery information to Azure Active Directory to Enabled
- Store recovery information in Azure Active Directory before enabling BitLocker to Required
To rotate the BitLocker recovery key
Sign in to the Microsoft Endpoint Manager admin center.
Select Devices > All devices.
In the list of devices that you manage, select a device, select More, and then select the BitLocker key rotation device remote action.
On the Overview page of the device, select the BitLocker key rotation. If you don’t see this option, select the ellipsis (…) to show additional options, and then select the BitLocker key rotation device remote action.