When using BitLocker without a TPM, can the startup key be removed after boot?
I want to know what to teach my users to do, since we can't have them leaving the startup keys in the PCs overnight or there'll be no security at all!
February 24th, 2012 4:28am

Hi,

If the user currently logged on to the computer is an administrator, the startup key can be removed after boot. If not, the standard user cannot disable BitLocker. An administrator can disable BitLocker via both the command line bde-manage and the GUI if the encrypted computer is already booted up.

http://technet.microsoft.com/en-us/library/ff829849(v=ws.10).aspx

Juke Chou
TechNet Community Support
February 27th, 2012 3:28am

Hi,

Any update?

Juke Chou
TechNet Community Support
February 28th, 2012 5:18am

I don't mean disable or permanently remove Bitlocker, I just mean physically remove the startup key. Anyway, Windows itself produces a message saying "Remove media" or similar, that shows for a varying length of time just before the Windows splash screen. So it seems fine.
February 28th, 2012 8:21am

Hi,

Of course, the startup key can be removed from the computer. When Windows 7 finishes the boot process, the drives encrypted by BitLocker are already visible. We do not need the startup key until the next reboot.

Juke Chou
TechNet Community Support
February 29th, 2012 12:28am
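
For the concern in the original question (startup keys left in PCs overnight), a check an administrator could schedule on each machine. This is an added example, not code from anyone in the thread. It assumes the startup key is the usual hidden `.BEK` file in the root of a USB drive that Windows reports as removable; the function name `Find-InsertedStartupKey` is hypothetical.

```powershell
# Added example: report BitLocker startup key files (*.BEK) on removable
# drives that are still plugged in while Windows is running.
# Uses only cmdlets available in PowerShell 2.0 (Windows 7).

function Find-InsertedStartupKey {
    param(
        # Drive roots to inspect. Defaults to drives Windows classifies as
        # removable (DriveType 2). Assumption: some USB hard disks report as
        # fixed disks (DriveType 3) and would need to be passed in explicitly.
        [string[]]$Root = @(Get-WmiObject Win32_LogicalDisk -Filter 'DriveType=2' |
                            ForEach-Object { $_.DeviceID + '\' })
    )

    foreach ($r in $Root) {
        # Startup key files are hidden system files, so -Force is required.
        # Empty card readers raise errors; those are ignored.
        Get-ChildItem -Path $r -Filter '*.BEK' -Force -ErrorAction SilentlyContinue |
            ForEach-Object {
                New-Object PSObject -Property @{
                    Computer = $env:COMPUTERNAME
                    Drive    = $r
                    KeyFile  = $_.Name
                    Checked  = Get-Date
                }
            }
    }
}

$found = @(Find-InsertedStartupKey)
if ($found.Count -gt 0) {
    $found | Format-Table Computer, Drive, KeyFile, Checked -AutoSize
    exit 1   # non-zero exit so a scheduled task or monitoring agent can flag it
}
exit 0
```

Run it as a script file from a scheduled task some minutes after logon or at close of business; an exit code of 1 means a startup key is still inserted.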
