none
Bitlocker fails to find USB Key ONLY When TPM+PIN+STARTUPKEY are enabled RRS feed

  • Question

  • Hi

    I cant enable bitlocker with TPM+PIN+Startupkey. Bitlocker asks for the USB key to be insterted on bootup.

    TPM+PIN works fine, I tested it.

    TPM+Startupkey works fine, I tested it.

    I have ownership of my TPM and its working for EFS right now.

    When I enable TPM+Startupkey+PIN, bitlocker fails to unlock at bootup, asking me to insert my USB key.

    I've tried both USB 2 and 3 ports on my PC, nothing works.

    I'm forced to enter a recovery password to unlock.

    My group policy allows all methods of authenication, and requires use of a TPM.

    The USB drive is formatted as FAT32, containing 2GB. 

    My system is a EUFI installation, using GPT. The USB drive is detected in BIOS, windows boots first.

    My BIOS is updated too.

    Latest chipset drivers are installed.

    Latest USB drivers installed.

    I have a Sabertooth 990fx motherboard.

    Windows 10, non beta, latest updates.


    Monday, January 25, 2016 1:07 AM

All replies

  • Hi 99ytrewq911,

    We could refer to the following link to configure BitLocker with  TPM, PIN, and USB StartupKey.
    How to configure BitLocker with  TPM, PIN, and USB StartupKey
    https://mrhorn.com/wp/posts/bitlocker-with-tpm-pin-usb-startupkey/

    Due to the limited working environment, it is not available for me to test this. We would appreciate it if you would post back the test result.

    If the issue persists, we could check the Event Viewer for more information to troubleshoot this issue(Applications and Services\Microsoft\Windows\Bitlocker)

    NOTE: This response contains a reference to a third party World Wide Web site. Microsoft is providing this information as a convenience to you. Microsoft does not control these sites and has not tested any software or information found on these sites.

    Best regards


    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    Tuesday, January 26, 2016 7:35 AM
    Moderator
  • This was exactly the guide I followed, along with some variations of it(Different recovery methods.)

    Upon rebooting after this guide, I receive the same error.

    Saturday, January 30, 2016 5:15 PM
  • Hi 99ytrewq911,

    Due to the limited working environment, it is not available for me to test this(no TPM). According to that link, I would suggest to check the group policy result by checking "rsop.msc". We may need to restart the machine several times during the configuring process. A restart after configuring the group policy. A restart after configuring the TPM. A restart after configuring Bitlocker.

    If all the configuration has been applied successfully, I suspect this combination was no longer supported by Bitlocker on Windows 10. If it is possible, please test on another machine to verify this.

    Best regards


    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.



    Tuesday, February 2, 2016 2:21 AM
    Moderator
  • I already had this setting setup before changing key protection methods.

    I do not have another machine to test this on.

    Sunday, February 7, 2016 9:54 PM