Boot Camp, Windows 10 Pro, and encryption for both OS X and Windows

Discussion in 'macOS' started by exi, Jun 20, 2017.

  1. exi macrumors 6502

    Oct 16, 2012
    Have searched and found many threads on this as well as links across the internet with very involved hacks, but with varying takes on the issue. Wanted to get some recent experiences.

    In years past, it was my understanding that having a FileVault 2 protected OS X partition, Boot Camp installing a Windows partition, then enabling Bitlocker on that partition after editing the group policy to allow booting without a TPM would result in boot issues -- the OS X partition being non-bootable or whatever else.

    Meanwhile, the note at the top of this page suggests that the two play nice these days. Unclear whether his previous work affected it or not.

    Can anyone speak to their experiences trying to maintain full disk encryption with both Windows and OS X on a Mac?

    Virtual machines are not an option, and if I can avoid third-party software, that would be nice.

    Preparing for the arrival of an iMac this week.

    Thanks much.
  2. exi thread starter macrumors 6502

    Oct 16, 2012
    To update my own thread, for those later:

    I seem to have FileVault 2 and Bitlocker working and behaving together on a 2017 iMac. I did so by doing these things:

    1. Updated macOS Sierra;
    2. Enabled FileVault and left to complete;
    3. Installed Windows 10 Pro via Boot Camp;
    4. Edited Group Policy in Windows to allow password-protected Bitlocker (as in, disable TPM requirement);
    5. Enabled Bitlocker (was anxious to see if it would work and didn't even update Windows 10 Pro install fully) using the "used disk space" option -- not the "whole drive" option.

    To be clear, the sole reason I have a Windows partition is to play the occasional game until maybe one day in the future A-list games take off on Mac with Metal, etc.

    I am able to option-boot into each OS. On the Apple side, macOS shows me FileVault 2 being enabled. On the Windows side, Bitlocker shows as enabled.

    Does anyone see any issues with this?

Share This Page