none
Can't access my external hard drives because of BitLocker RRS feed

  • Question

  • *Crossposting this from Microsoft community because I was told to ask here instead.

    I'm using Dell XPS 13 9360 with Windows 10 Home edition. Got my motherboard replaced recently. After that, I would always get asked for the BitLocker recovery key every time I start up my laptop. I got annoyed so I searched online for a solution. I found one saying to turn off the BitLocker encryption. I did that and thought that it was successful because the request for recovery key didn't appear upon start up anymore. However, when I plugged in my external hard drive I couldn't open it because it was asking for a BitLocker recovery key. Plugged in my two other external hard drives (one of them wasn't even password protected) and got asked for recovery keys too. I tried to use the recovery key for my laptop but that didn't work for any of the three. Note that I was able to access all of them before I turned off the encryption.

    Searched online for solutions.

    First thing I tried was to enable the encryption again. But every time I click the button, it would always say "Something went wrong. Try again later."

    Next, I followed Dell's tip (turn off BitLocker, activate TPM, then switch Bitlocker on again) thinking it suited my case. However, the TPM in the guide pictures was an earlier version of my TPM which is 2.0. The settings were quite different. I wasn't sure which ones I should click so I just enabled it without bothering to change the other settings. I thought I only had turn on the BitLocker and my problem would be solved but when my laptop restarted, I couldn't find the setting for turning it back on in my control panel anymore. Should I change the TPM settings? 

    I don't know what to do anymore. I still cannot open my external hard drives. I tried reaching out to Dell but they said they don't have control over BitLocker issues and I should ask Microsoft for assistance. This whole issue is confusing me because:

    1. I don't ever remember actively encrypting any of my computers and drives with BitLocker. I have never saved any recovery key. How did all these happen?

    2. I am only using a Windows 10 Home edition. From what I've read, BitLocker is only available on Pro and Enterprise so how come my devices are encrypted and I'm being asked for keys?

    Additionally, my old HP laptop running on Windows 7 Home is experiencing the same issue. It was reformatted about a month ago. After that, I couldn't open my external hard drives there anymore because I don't have the keys. I didn't pay much attention to it before because I wasn't planning on using my old laptop any longer.

    I'm at wit's end now. I got three external hard drives (4.5TB in total) that are encrypted by BitLocker and neither of my two laptops can access them. Somebody help me. Thank you. 




    • Edited by rae yeaaah Thursday, June 8, 2017 12:48 PM
    Wednesday, June 7, 2017 1:26 AM

All replies

  • BitLocker is not available on Windows 10 Home edition. It’s available on Windows 10 Pro, Enterprise and Education editions.

    I shall suggest you to format the drive.


    S.Sengupta, Windows Insider MVP

    • Proposed as answer by Joy-QiaoModerator Thursday, June 8, 2017 10:39 AM
    • Unproposed as answer by rae yeaaah Thursday, June 8, 2017 5:23 PM
    Wednesday, June 7, 2017 3:06 AM
  • rae yeaaah, there are some things to take note of: the home edition of windows offers a crippled version of bitlocker, which is called "device encryption". Let's call it "DE". DE is activated automatically on supported hardware on windows 8.1 and windows 10 as soon as we use a microsoft account to log on with. Drives are set to auto-unlock using the keys stored on the encrypted boot drive. The encrypted boot drive uses a tpm chip to aquire a key on boot. Understood?

    If you change the mainboard, there's no TPM to hand the key to the boot loader anymore, so it asks for the recovery key. If you do not plan to use bitlocker any longer, enter the recovery key and decrypt all drives at the command line (right click cmd, select "run as administrator) like this:

    manage-bde -off c:

    manage-bde -off d:

    ...

    It will task hours until this is finished depending on drive and drive connection speed.

    Wednesday, June 7, 2017 6:41 AM
  • Thank you so much for trying to help me, Ronald.

    I tried to follow your instructions. I attached one of my external hard drives and went ahead with the command prompt but this was what I got:


    Did I miss anything?

    Note that I have already decrypted my laptop before but, unfortunately, I didn't think about plugging in my external hard drives when I did that. Are there any other way to work around this? I want to believe that there is. I'm not inclined to wiping my external hds. If it's of any significance, my TPM is currently disabled.

    Wednesday, June 7, 2017 8:18 PM
  • Yep, you missed a little thing: before we can turn off bitlocker on a drive, we need to unlock it first:

    manage-bde -unlock h: -rp 123123-123332-...your-recovery-key-here

    After this command, you can use manage-bde -off h:

    Thursday, June 8, 2017 9:44 AM
  • Here are the results.

    This is what I got when I tried to unlock and switch off bitlocker on my external hds:

    I played around a little. This is what I got when I tried the commands to my OS (C.:):

    Tried to turn it on too:

    I was only able to use one key for all the drives. I used the one for my laptop because that's the only key in my Microsoft account but from what I understand each drive needs a different key. Problem is, I don't know where to find the keys for my external hds.

    Thursday, June 8, 2017 1:46 PM
  • Recovery keys have IDs. The command

    manage-bde -protectors -get h:

    Will show you the ID for the recovery key for h:

    If you don't have the recovery key corresponding to that ID, your data on h: is lost unless you have other protectors like a password or an external key. Please quote the output of 

    manage-bde -protectors -get h:

    Friday, June 9, 2017 7:31 AM
  • Here's the result:

    Yes, I've got different IDs, one fore each drive. But, on my microsoft account the only available ID and recovery key pair is the one for my laptop. I feel like I'm running around in circles so here are some questions/notes/concerns: 

    1. Not that I'm directing my anger towards you, really appreciate your help, but I am so frustrated at how Microsoft can lock out my external hdds without bothering to inform me and give me the freaking keys. Is there any way for me to find the keys given that I have the IDs?

    2. As I have mentioned in my original post, I only got locked out of my external hdds after I turned off the encryption (turned off because I got annoyed of the key prompts every reboot). Before that, I could completely access all of them with no problem. If I manage to turn the encryption back on, would that give me access to my external hdds again?

    3. In relation to number 2, with the guidance of this Dell tip and some changes to my TPM settings, would it be possible for me to switch back on the encryption despite my laptop only running on Windows 10 Home edition?

    4. If the above possible solutions fail, would upgrading my system to Windows 10 Pro allow me to enable my BitLocker and thus give me access to my external hdds?


    You might be wondering why my idea of solving this issue is to simply switch back on the encryption/BitLocker. That's because, again as I have mentioned, I got this issue after switching it off. Before that, I would get asked for the recovery key of my laptop on every start up but I was able to access my external hdds.

    Another rant just to throw it out there: why would Microsoft give Home users a crippled version of BitLocker? Better not give it at all if it only messes up our system.






    • Edited by rae yeaaah Friday, June 9, 2017 2:36 PM
    Friday, June 9, 2017 2:32 PM
  • Hi ResidentX10,

    There are several things I want to confirm.
    1.You are using the Windows 10 Home version. Please share us the exact version you are using. Run "winver" to check.
    2.There is no drive encrypted on the machine. Only the external HDDs are encrypted by Bitlocker, right?
    Here I have a question. Are these HDDs encrypted on a Windows 10 version? If you encrypted them on a Windows 10 machine, please ensure you have updated the Windows 10 to the latest version. At least you have got Windows 10 1511 version.
    There is a new algorithms added for Bitlocker since Windows 10 1511 version and the encrypted drives are only available to be unlocked on Windows 1511 and later version.
    3. For decrypting the Bitlocker drives, we should unlock them firstly.
    Since the drives has got into recovery mode, we should use the recovery key to unlock it. The recovery key for each encrypted drive is unique. Please ensure you are using the corresponding recovery key by comparing the "Key Identifier".


    Once the drive is unlocked (accessiable), we could take the steps as Dell website suggested to disable Bitlocker then check the TPM settings.

    If the recover key is missing, I am afraid we will lose the data forever. The best bet is to contact the professional data recovery support for help.
    Best regards


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, June 12, 2017 8:16 AM
    Moderator
  • Rae, your output shows, there are two keys. The 2nd key being a file 27F0...bek

    Where is that file? you might ask. Windows creates it and saves it to c: when you activate auto-unlock for that drive. In that case file is not accessible by you. But the command does not list that auto-unlock is even in use.

    Could it be that you added a startup key (usb based) protector for drive h:?

    Monday, June 12, 2017 8:32 AM
  • Hi MeipoXu! Thank you for trying to help me. Sorry for the late response.

    1. Currently running Windows 10 version 1607. Some updates are installing as I'm typing this.

    2.1. I'm not sure if I understand your question correctly. I'm not that tech-savvy, I just get by with google. Right now, only the external HDDs appear to be encrypted by BitLocker. My OS drive has been decrypted when I turned off BitLocker.

    2.2. I am also not sure which Windows encrypted them because I did not actively encypt them myself. Only learned about BitLocker after this issue. Hope the following information can help us figure it out. 
    All of the 3 external hdds were first attached to a Windows 7 Home laptop. Never knew about BitLocker then. Got my Windows 10 Home laptop earlier this year. I was able to access my external hdds on it without being asked for a password. Now you have to forgive me for not remembering everything clearly for the events I'm trying to recall didn't matter to me when they occured. I can't say when exactly my Windows 7 Home lost access to my external hdds because of BitLocker. I'm not sure if it was after I had my Windows 7 Home reformatted or even before that. Next series of events were changing the motherboard, recovery key prompts, turning off BitLocker, then external hdds asking for recovery keys. My guess is that Windows 10 encrypted them because if Windows 7 did, then the Windows 10 laptop shouldn't have had accessed them from the beginning, right?


    I still don't know where the freaking keys are but I will try to check my USBs later as Ronald Schilf has suggested.

    Just a few questions:
    1. After my motherboard got replaced, how was it possible that I still had access on my external hdds when I only punched in the recovery key for my laptop on every reboot? Why did they only lock out after I decrypted/turned off BitLocker on my laptop? 

    2. How do I contact professional data recovery support for help?
    • Edited by rae yeaaah Monday, July 24, 2017 1:05 AM
    Thursday, June 15, 2017 6:56 AM
  • 1. When the other drives are setup to auto-unlock, their key is saved as a .bek file on drive c:, so as long as you get into c:, you get into the other drives. I never decrypted a drive with keys for other drives on it, maybe that action has notified you that it will delete the keys for the other drives? I could try in a vm, but what does it help? If you don't find that recovery key, nor the .bek file, your data is lost and also

    2. no data recovery support can help you - those cannot break encryption when in recovery mode.

    Thursday, June 15, 2017 7:18 AM
  • Hi, is your problem solved?

    I recently having almost the same situation.

    My Dell laptop locked itself after few auto start of the windows 10 home edition which believed to be cause by updating driver or windows update.

    I contacted Dell, I contacted microsoft, but none of them solve my problem. At the end Dell replacement me a new harddisk. But I still need to find a solution to get back the data in the old harddisk.

    If you found a solution please share to me. 

    Thank you.

    Thursday, March 8, 2018 8:29 AM
  • Can I know what it means by TPM under All Key Protectors?

    It give me an ID and a PCR Validation Profile: 7,11

    Thursday, March 8, 2018 8:31 AM

  • I work on a Mac and have all of my data stored on external HDs. I plugged my external Hard Drive into my friend's Dell XPS running windows 10, just to transfer a file onto the drive. After removing the drive I connected it to my Mac however my Mac couldn't read the drive. I connected it back into the Dell XPS and realised it had become Bitlocker encrypted. I could still view the files through the Dell XPS however I couldn't view them on my Mac, so I tried to turn off the encryption on the hard drive through the Dell XPS. I turned off device encryption, and after doing this I couldn't get access to the external HD even on the Dell, as it was asking for a recovery key which I didn't have. 

    I am convinced that turning off device encryption was the culprit for locking me out. I'm looking for ways to find a recovery key but I'm not very good with tech and It's not looking good so far. I'd love to know if rae yeaaah had any luck with this. Cheers.

    Thursday, April 19, 2018 9:22 PM
  • I feel bad for everyone who's experiencing the same issue. Everyone who posted here has been helpful, unfortunately none of them worked for me. I looked around other websites as well to no avail. I found no solution. In the end, there was nothing left for me to do but format all my external hard drives. I just tried to salvage some of my files through a recovery software. Note that I was not able to recover all of my files, most were not in working condition anymore.

    Good luckHope this catches the attention of Microsoft and they address the issue.

     

    Friday, April 20, 2018 10:08 AM
  • Maybe you can try asking your friend to access his/her Microsoft account and check if he/she can find the key there?
    • Edited by rae yeaaah Friday, April 20, 2018 1:25 PM
    Friday, April 20, 2018 10:11 AM
  • "I shall suggest you to format the drive." Wow... The guy just lost everything, like me tonight (7 years of data), and it is your best answer? Find another job.
    Friday, September 7, 2018 3:59 AM