none
Bitlocker keeps asking for recovery key.

    Question

  • We have setup windows 7 enterprise and have encrypted the machine. Everytime i reboot it asks for the recovery key. I have done the following. We have MBAM setup and the keys are stored automatically. I have had success with older models but this specific model is giving me a hard time.

    1. Made the C drive the first boot device

    2. Paused bitlocker, rebooted and resumed.

    3. Removed Encryption. Rebooted and encrypted again.

    4. Downgraded TPM to 1.2 from 2.0

    Tuesday, July 18, 2017 11:34 PM

All replies

  • Hi,

    Have you made any changes before this issue occurred?

    Please try the following methods and see if it helps.

    If machine is Powered On already, then suspend bitlocker first.

    Go to control panel - bitlocker Drive Encryption - Suspend Protection for Operating System Drive.

    Shutdown the machine.

    Power On the machine and go to BIOS

    In boot order change the boot order to Hard disk first, remove the DVD drive from the list or DVD drive should be at the end.

    Power On the machine and login to windows

    Go to control panel - -bitlocker Drive Encryption - Resume Protection for Operating System Drive.

    Wake ON Lan feature is generally turned ON in BIOS, with default setting to Boot to Network.

    The BIOS options under System Configuration\Built In Device Options\Wake On LAN are:

    Disabled

    Boot to Network

    Follow Boot Order

    If the option "Boot to Network" is selected, when the platform is awoken from the LAN, it will boot to the network, potentially fail and then boot to the hard drive by following the normal boot order. This results in a different measurement on a conventional BIOS system then following the normal boot order alone. The different measurement results in the message from BitLocker that the system boot information has changed and BitLocker forces the customer to enter the recovery key (or reboot).

    Configuring the setting to "Follow Boot Order" will cause the same boot sequence BitLocker used when it was turned on. This will cause BitLocker to boot normally.

    Best Regards,

    Tao


    Please remember to mark the replies as answers if they help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Wednesday, July 19, 2017 6:35 AM
    Moderator
  • Hi,

    We haven’t heard from you for a couple of days, have you solved the problem?  We are looking forward to your good news.

    Best Regards,

    Tao


    Please remember to mark the replies as answers if they help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Thursday, July 27, 2017 8:58 AM
    Moderator
  • I have the same problem. and have not find out what it happened.

    But some post said, it may be caused by USB boot or thunder Boot, say also:

    https://community.spiceworks.com/topic/1359375-bitlocker-keeps-asking-for-recovery-key .

    https://www.dell.com/support/article/hk/zh/hkdhs1/sln304584/bitlocker-asks-for-a-recovery-key-every-boot-on-usb-c---thunderbolt-systems-when-docked-or-undocked?lang=en

    I am on business trip, and will test for that next week.



    • Edited by EnsoFather Tuesday, September 12, 2017 1:07 PM
    Tuesday, September 12, 2017 12:54 PM
  • Hii,

    I had the same problem and dont know how to fix it.

    i wanna try using this steps but i cant seem to find bitlocker drive encrytion on my control panel..

    right now i really dont know what to do..please help me resolve this issue..

    Sunday, May 20, 2018 2:54 PM