White letters QA imposed over red background

Checking Whether BitLocker Network Unlock Is Enabled

Q: How can I check whether my computer has been enabled for BitLocker Network Unlock?

A: Network Unlock is a new option for accessing BitLocker-protected OS volumes in Windows 8 and Windows Server 2012. To tell whether your computer has been configured for Network Unlock, you must use regedit.exe to check the value of the HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\SystemCertificates\FVE_NKP registry key. If this key exists and references a Network Unlock certificate, Network Unlock has been enabled.

Network Unlock lets you more easily manage BitLocker-enabled desktops and servers in a domain environment. Without Network Unlock, OS volumes protected using TPM+PIN protectors require a PIN to be entered when the machine reboots or resumes from hibernation. Network Unlock provides an automatic unlock mechanism for OS volumes at system reboot when they're connected to the corporate network.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.