Content starts here
CLOSE ×

Search

Popular Searches

Rolling Stones Presale

Games

Car rental

AARP daily Crossword Puzzle

Hotels with AARP discounts

Life Insurance

Suggested Links

Help Show me my account info Change my Address How do I contact AARP? Where is my membership card? How do I get a digital card?
Red Membership Card

AARP MEMBERSHIP — $12 FOR YOUR FIRST YEAR WHEN YOU SIGN UP FOR AUTOMATIC RENEWAL

Get instant access to members-only products and hundreds of discounts, a free second membership, and a subscription to AARP the Magazine.

120x30-AARP-logo-red
Join
Renew

AARP en Español

You're this close to getting so much more ...

Get access to this and all Members-Only discussions, plus a world of member Benefits when you Join AARP!

Become an AARP Member for $12 Already a member? Login >

Members Only

My Settings Guidelines Help

Partitioning an encrypted OPAL SSD ?

Reply
fffred
Social Butterfly
‎01-05-2020 01:20 PM

Partitioning an encrypted OPAL SSD ?

I have a Lenovo T460 laptop with Windows 10 Pro. The SSD is factory encrypted; my PO says it's "256 GB Solid State Drive, Serial ATA3 OPAL2.0 - Capable". It's set up to have the BIOS password and the encryption password entered on boot up.

 

I want to partition the SSD so that I can have a z: drive for my personal files. (I am aware of some debates over partitioning SSDs)

 

I'm wondering how partitioning will affect the drive's encryption. I want both partitions to be encrypted.

 

Since it's an OPAL drive the encryption is supposed to be on the drive board itself, rather than going through the OS. So I surmise that partitioning the SSD should have no effect on the encryption. Is that correct? 

 

TIA

 

EDIT:   see my update in post # 2

 

 

0 Kudos
1,172 Views
1
Report
fffred
Social Butterfly
‎01-06-2020 03:24 PM

well, after not finding any reliable information on this via Google I went ahead and did this.

 

It was pretty easily actually. Lenovo support site provided a helpful document on partitioning the drive under Windows 10. This was very easy to do, took me only a few moments using the built-in tools of Windows 10.

 

Then I copied my data to the new "z:" drive and it works as expected. The indexing and search functions work as expected.

 

I am still prompted for the drive password on boot-up, and only once for the single (now-partitioned) drive. I assume that it is still encrypted (which was alway an assumption in the first place, unlike my encrypted external drives)...based on my understanding of the OPAL system (the encryption takes place far below the operating system). I should be able to verify that by booting from another drive and trying to read the SSD, but this is a bit beyond me at the moment.

 

What I don't like is that now I realize I am subject to the reported flaws in some self-encrypted SED that they were susceptible to some hacking that would expose the drive's factory password. This came out about a year ago and I accepted it only as a theoretical issue (I think it is primarily) until seeing the document from Lenovo I found this morning where they recommend "software encryption" for my particular drive. Which to them means Bitlocker (which I do not like. in general). So why did I even bother with this! And ~why~ is something as important as FDE so difficult to get clarity on? I loved TrueCrypt...maybe it's time to go "retro".

0 Kudos
1,123 Views
0
Report
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Users
Need to Know

NEW: AARP Games Tournament Tuesdays! This week, achieve a top score in Block Champ and you could win $100! Learn More.

AARP Games Tournament Tuesdays

Forums
More From AARP
Quick Links