Johnny_Eyebrows 1 Posted November 5, 2018 Report post Posted November 5, 2018 Hi all - I hope someone has experience in this query! We're updating to Windows 10 1803[and beyond] across our site, and as part of this, we'll be implementing Bitlocker across all our desktop devices in addition to our laptops. However... Several of our Desktops only support TPM 1.2, and thus cannot follow the AES256 standard that is available with TPM 2.0. (We can't afford to replace the 2000ish devices that don't meet this standard) If we set our policy to use AES 256, would our TPM 1.2 devices fail to encrypt, or would they drop back to AES128? (obviously hoping the latter!) Has anyone had this situation before? Quote Share this post Link to post Share on other sites