Search
Search

You're this close to getting so much more ...

Get access to this and all Members-Only discussions, plus a world of member Benefits when you Join AARP!

Become an AARP Member for $12 Already a member? Login >

Members Only

My Settings Guidelines Help

Partitioning an encrypted OPAL SSD ?

Reply
fffred
Gold Conversationalist
‎01-05-2020 01:20 PM

Partitioning an encrypted OPAL SSD ?

I have a Lenovo T460 laptop with Windows 10 Pro. The SSD is factory encrypted; my PO says it's "256 GB Solid State Drive, Serial ATA3 OPAL2.0 - Capable". It's set up to have the BIOS password and the encryption password entered on boot up.

 

I want to partition the SSD so that I can have a z: drive for my personal files. (I am aware of some debates over partitioning SSDs)

 

I'm wondering how partitioning will affect the drive's encryption. I want both partitions to be encrypted.

 

Since it's an OPAL drive the encryption is supposed to be on the drive board itself, rather than going through the OS. So I surmise that partitioning the SSD should have no effect on the encryption. Is that correct? 

 

TIA

 

EDIT:   see my update in post # 2

 

 

0 Kudos
891 Views
1
Report
fffred
Gold Conversationalist
‎01-06-2020 03:24 PM

well, after not finding any reliable information on this via Google I went ahead and did this.

 

It was pretty easily actually. Lenovo support site provided a helpful document on partitioning the drive under Windows 10. This was very easy to do, took me only a few moments using the built-in tools of Windows 10.

 

Then I copied my data to the new "z:" drive and it works as expected. The indexing and search functions work as expected.

 

I am still prompted for the drive password on boot-up, and only once for the single (now-partitioned) drive. I assume that it is still encrypted (which was alway an assumption in the first place, unlike my encrypted external drives)...based on my understanding of the OPAL system (the encryption takes place far below the operating system). I should be able to verify that by booting from another drive and trying to read the SSD, but this is a bit beyond me at the moment.

 

What I don't like is that now I realize I am subject to the reported flaws in some self-encrypted SED that they were susceptible to some hacking that would expose the drive's factory password. This came out about a year ago and I accepted it only as a theoretical issue (I think it is primarily) until seeing the document from Lenovo I found this morning where they recommend "software encryption" for my particular drive. Which to them means Bitlocker (which I do not like. in general). So why did I even bother with this! And ~why~ is something as important as FDE so difficult to get clarity on? I loved TrueCrypt...maybe it's time to go "retro".

0 Kudos
842 Views
0
Report
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Users
Need to Know

"I downloaded AARP Perks to assist in staying connected and never missing out on a discount!" -LeeshaD341679

AARP Perks

Forums
More From AARP
Quick Links