04-07-2017 03:15 PM - edited 04-07-2017 03:38 PM
I am trying to enable my self encrypting hard drive (SED) (Samsung MZNLN256HMHQ-000H7) on my new computer, after reading this white paper I understand that HP Client Security Manager should be able to do that (the paper says HP ProtectTools, but I understand that has been rebranded as HP Client Security Manager on my machine).
However, when I open the security manage there is no option for hard drive encryption.
Do I not have one of the "select models" that this applies to? I have an EliteBook 850 G4 - windows 10 64-bit
If not, how do I enable my SED?
I have looked into bitlocker but it seems that is software not hardware encryption.
Solved! View Solution.
Re: Trying to activate self encrypting hard drive - No Option for drive encryption in HP Client Secu
05-03-2017 10:14 AM
Here is my final chapter in trying to lock my self-encrypting drive (SED):
I have learned that HP Client Security is not supported on Windows 10 and will not lock my Samsung SED. HP technical support suggested I use Window's bitlocker to encrypt my drive. Bitlocker is a software based encryption service. I refuse to do this because of the performance degradation (the whole reason I bought a hardware based SED).
To set an authentication key and lock my drive I have been forced to purchased Winmagic's SecurDoc, which is the only non-enterprise software I could find that will lock my drive. It cost me over $100.
I am quite disappointed with HP for selling me a SED without the ability to lock it myself without additional software. I'll give them some credit that this was a custom set-up, and some blame should go to Microsoft for not allowing HP client security free reign.
More information I didn't find useful:
To lock a SED one needs to set an authentication key. I have read that many manufacturers will not enable this ability in the BIOS for fear that the customer will lock it and forget the password making the maching unless.
Another solution to my problem would be to obtain custom files to unlock this ability in the BIOS, this is beyond my ability.
I came across a few other solutions but they are beyond my ability as a computer user.
04-10-2017 10:33 AM
I have still been unsuccessful in solving my problem.
I thought the problem might have been with me not choosing to encrypt the very first time I opened the software so I have tried reinstalling the client security software. That did not do anything
(I am the computer administrator by the way)
This is driving me crazy I'm thinking about going to find other software.
If anyone has any ideas that might help me please let me know.
04-11-2017 07:29 AM - edited 04-11-2017 07:32 AM
I have the same problem.. Elitebook x360 1030 G2 with self encypting HD.
It would be nice if HP could just instruct you on how to activate the Self encrypting drive. I just want to be able to make a choice to "encrypt the HD" via its own chip/hardware, etc. There are white papers around that have some information but it doesn't appear crystal clear to me.
there is no information on how to actually activate HD (hardware encryption). I called HP and the best they could do was tell me that there weer no instructions on how to activate it for Windows 10. windows 7 and maybe earlier versuions of windows 10 shipped with HP protect tools. That software is not avaialble on my computer. The agent after speaking with his team manager several times advised that I should purchase and use WinMagic to mange the drive.
Bitlocker is installed so you can use that software encryption (Microsoft). There is also a power on lock and a drive lock option. I beleive that you must protect the bios with a n administrator password before you can use Drivelock.
Drivelock seems to allow/disallow access to HD but I don't believe that it is truly encrypting the HD.HP agent said it was not but he wasnt very knowledgeable.
SO if you bought a self encrypting HD (OPAL) with your laptop you may have to buy additional software use the encryption on the drive.
IF anybody has clear instructions and it actually states that this is how you turn on encryption in the Self encrypting HD it woudl be highly appreciated.
04-14-2017 10:40 AM
Thanks for the reply jj30.
I've been digging into this more, and still can't find any difinitive answers but I have an unceratin answer that I am sticking with for the time being until the time that this thread gets any attention.
I found a white paper at samsung (where my drive is from) that seems to suggest that the encryption is always on but useless until a password is set. It isn't talking about my exact drive but I hope the process is standard across their drives. I am really hoping that when I set a password at power-on from the HP Client Security Manager, that my drive is encrypted and protected.
I can't be sure, but this is what I am going to believe for the time being.
Here is the link to the whitepaper.
04-16-2017 07:39 AM
> to suggest that the encryption is always on but useless until a password is set.
Yes, that's how SEDs work. The drive is always encrypting AND decrypting. Until you change the authentication key and take ownership of the drive, the data isn't protected.
This enables the drive to be locked on a power reset and requires the authentication key to unlock.
So you need software to take ownership of the drive. And software to access the authentication key to unlock the drive.
04-16-2017 04:40 PM
Thanks for the post Dennis. It clears a few things up. However I am still unclear wheather my drive is currently being encrypted.
You say "Unitl you change the authentication key and take ownership"
Is that what HP Client Security did when I set up my window's / power-on password / fingerprints the first time I started up my computer?
04-18-2017 08:41 AM
I have the" power on" lock/password on one computer and bitlocker on another and drivelock on another.
If i access disk management , the c drive shows encrypted by bitlocker. the power on lock only computer doesn't show anything on the c drive about encryption and drivelock doesn't either (but i didn't expect it to show anything anyway in reference to drivelock)
I'm assuming that power on lock wouldn't show c drive encrypted anyway for the HD encryption because technically if i have logged in at the "power on" lock screen the drive is decrypted at the moment. Assuming that "power on" lock is the key to encrypt and decrypt the drive.
I too am interested to know if you have information about the power on lock/password Dennis. If you know that it is the key to encrypt and decrypt the HD (SED) or if we do indeed need software like WIn Magic to activate the encryption.
04-23-2017 02:03 PM
> Is that what HP Client Security did when I set up my window's / power-on password
If they support SEDs, that's what they need to do.
> I too am interested to know if you have information about the power on lock/password Dennis.
Sorry, I only know the low level commands and for Enterprise solutions.
Perhaps these tools may help you:
Looks like sedutil is like my tool.
04-26-2017 01:25 PM
I just got off the phone with HP support. They told me that HP Client Securty (which came pre-installed on my machine) isn't supported by Windows 10, and the software cannot manage my self-encrypting hard drive or even do any encryption anymore.
They suggested BitLocker, which I do not want to do because it is sofeware based and would not utilize my hardware based SED.
They were no further help.
Now I am off to find a non enterprise solution SED manager, which is proving difficult. Winmagic is one enterprise solution.
04-29-2017 06:49 PM
Here is how SEDs work, at least for SSC Enterprise: