Shame on Microsoft, then. My Ubuntu Linux laptop was installed with the default settings for full disk encryption, and it uses my favourite layout right there at boot time.
A BIOS is 7bit ASCII - if you want anything more than that you need to load a ramdisk with drivers. If you're loading a ramdisk with drivers then you may as well also load a keylogger.
You'd also need to recreate that ramdisk if your hardware fails, and good luck booting from non-root encrypted volumes.
Using EN-US for boot disk volumes is pretty good advice.
Microsoft have thought this through - their recovery keys are ASCII numerals only and are entered using function keys since they're the only universal keys.
And where exactly the keylogger is supposed to come from? Has your laptop been tampered with during lunch? Then I'm afraid bitlocker is just as screwed as my Ubuntu. Or has the laptop been owned during use (remote vulnerability, double click on a malware…)? Same thing.
I'm not sure I see the point of this limitation. At a first glance, it seems using the BIOS only doesn't buy us much.
You'd also need to recreate that ramdisk if your hardware fails, and good luck booting from non-root encrypted volumes.
Using EN-US for boot disk volumes is pretty good advice.
Microsoft have thought this through - their recovery keys are ASCII numerals only and are entered using function keys since they're the only universal keys.
edit: relevent Technet: https://technet.microsoft.com/en-us/library/ee449438(v=ws.10...