Is Bitlocker secure enough for portable storage devices?

A cold boot attack is impossible on an offline device. The only way an attacker could use a cold boot attack on your portable storage device is if they also had physical access to your computer while it was plugged in with the disk unlocked.

A cold boot attack relies on encryption keys being stored in RAM, and the persistence of that RAM once the computer is hard reset.

In short, you shouldn't worry too much unless there's a nation-state after your data. Even then, I'd trust BitLocker unless there's a backdoor.


There are several possible attacks on BitLocker, and apparently software is available to the police that supports recovery of the password (but it requires sniffing the RAM while the device is mounted and unencrypted).

The primary weakness is the recovery key stored in both AD and the TPM chip - but if your attacker has only the USB stick, those don't apply.

As is often the case, the question cannot be answered with a yes/no answer without knowing your threat model: who do you want to protect yourself against?

Against common cybercriminals, BitLocker can be assumed secure at this time; at least, we know of no attack on a USB stick that is practical.

Against the NSA, I wouldn't trust BitLocker. It would surprise nobody if they had convinced Microsoft to include some backdoor or weakening of the cryptography used, or if they knew of a way to unlock the recovery key from the TPM, or could simply "convince" your AD admin to give them the key stored there.

Against Mossad, the FSB and the like, you are somewhere in between and should make your own decision.

Then again, most nation state actors and high-level criminals would probably not bother with defeating the cryptography in your device. They'd simply cut off your fingers or hurt your friends until you remember the password.
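As an added example that is not part of either answer above: both answers hinge on the same two practical points, that the volume key is only exposed while the stick is mounted and unlocked, and that which key protectors exist on the volume (password, recovery password, TPM) decides who else might be able to open it. The PowerShell below audits exactly that for every removable drive and locks any that are currently unlocked, so the key is discarded when the stick is not in use. It assumes the built-in Windows BitLocker module (Get-BitLockerVolume, Lock-BitLocker) and Get-Volume, run from an elevated session; the function names are my own.

```powershell
# Added example, not from the original answers. Audits BitLocker protectors on
# removable drives and locks unlocked ones so their keys leave memory.
# Assumes the built-in BitLocker module and an elevated PowerShell session.

function Get-RemovableBitLockerStatus {
    # Only removable volumes that have a drive letter (BitLocker To Go targets).
    $removable = Get-Volume | Where-Object { $_.DriveType -eq 'Removable' -and $_.DriveLetter }

    foreach ($vol in $removable) {
        $mp  = "$($vol.DriveLetter):"
        $blv = Get-BitLockerVolume -MountPoint $mp -ErrorAction SilentlyContinue
        if (-not $blv) { continue }

        # One string per protector, e.g. Password, RecoveryPassword, ExternalKey, Tpm*.
        $types = @($blv.KeyProtector) | ForEach-Object { [string]$_.KeyProtectorType }

        [pscustomobject]@{
            MountPoint          = $mp
            ProtectionStatus    = [string]$blv.ProtectionStatus   # On / Off
            LockStatus          = [string]$blv.LockStatus         # Locked / Unlocked
            EncryptionMethod    = [string]$blv.EncryptionMethod
            Protectors          = ($types -join ', ')
            # A recovery password is what gets escrowed to AD/Azure AD; know if you have one.
            HasRecoveryPassword = ($types -contains 'RecoveryPassword')
            # TPM protectors belong to OS volumes; one on a portable drive is worth a look.
            HasTpmProtector     = (@($types | Where-Object { $_ -like 'Tpm*' }).Count -gt 0)
        }
    }
}

function Lock-RemovableBitLockerVolumes {
    # Locking tells the BitLocker driver to discard the volume's keys and refuse I/O
    # until the volume is unlocked again, which removes the window the answers
    # describe (keys recoverable from RAM while the stick is mounted and unlocked).
    foreach ($status in Get-RemovableBitLockerStatus) {
        if ($status.ProtectionStatus -eq 'On' -and $status.LockStatus -eq 'Unlocked') {
            Lock-BitLocker -MountPoint $status.MountPoint -ForceDismount
            Write-Host "Locked $($status.MountPoint)"
        }
    }
}

# Usage: review the audit first, then lock before walking away from the machine.
Get-RemovableBitLockerStatus | Format-Table -AutoSize
Lock-RemovableBitLockerVolumes
```

-ForceDismount closes open handles before locking, so save any open files on the stick first; without it, Lock-BitLocker fails if anything still has the volume open. The audit alone changes nothing, so it is safe to run on a drive you merely want to inspect.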