Most of the large deployments I've seen don't use pre-boot PINs, because of the ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		entuno on July 19, 2024 \| parent \| context \| favorite \| on: CrowdStrike Update: Windows Bluescreen and Boot Lo... Most of the large deployments I've seen don't use pre-boot PINs, because of the difficulty of managing them with users - they just use TPM and occasionally network unlock. So might save a few people, but I suspect not many.

mschuster91 on July 19, 2024 [–]

Yeah but TPM-only Bitlocker shouldn't be affected anyway by this issue, these machines should start up just fine.

Whoever only has AD-based Bitlocker encryption is straight up fucked. Man, and that on a Friday.

tjoff on July 19, 2024 | [–]

That's the easy part? just do the domain controller first?

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact