BitLocker PIN on Surface Pro 2

Learn how you can enter a PIN on a Surface Pro 2 for BitLocker.

John Savill

April 21, 2014

1 Min Read
data lock

Q: Can I enter a BitLocker PIN on-screen on a Surface Pro 2?

A: The Surface Pro 2 doesn't support an on-screen keyboard during boot to enter a BitLocker PIN. However, because the device uses Windows 8.1 or Windows 8, it's common to not require the PIN because you can tie the user account lockout directly into the TPM such that if the user password is incorrect a certain number of times the machine will actually reboot and go into BitLocker recovery mode. The device is essentially locked until the recovery key is entered. This setting is enabled through Group Policy as follows:

  1. Open a Group Policy Object (GPO) that applies to the machines.

  2. Navigate to Computer ConfigurationPoliciesWindows SettingsSecurity SettingsLocal PoliciesSecurity Options.

  3. Double-click Interactive logon: Machine account lockout threshold.

  4. Set the desired number of failed logon attempts, as the figure below shows, and click OK.

  5. Close the Group Policy Editor.

Microsoft offers several good resources for BitLocker configuration on tablets. For more information, see the TechNet articles "Configuring BitLocker for Tablets" and "Prepare your organization for BitLocker: Planning and Policies."

Read more about:

Microsoft

About the Author

Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like