Does reset to defaults decrypt the drive first? RRS feed

  • Question

  • A while ago I had to reset a tablet running Windows 10 Pro to "factory defaults". The only drive, C, employed full Bitlocker encryption. There was a warning at the start of the process about turning off encryption and deleting the tablet. Following my confirmation, the system stayed at that blue "preparing" screen (can't really remember the correct wording on the screen, but it had that circular progress indicator) for at least one or two hours (I thought it was unusually long for a simple "delete & reset to defaults" action). Only after this part was finished, the system rebooted and the black screen with "installing Windows" stuff went on.

    So, here's the billion dollar question - does Windows actually decrypt the drive first, and only then starts "resetting" (reinstalling...) to defaults? Judging from my observation of the process, it seemed so. In this case, if I understand this correctly, this means that the data on the device is briefly in a non-encrypted state before the reset, so I suppose one could actually restore it without much effort. It doesn't make sense.

    Unless there is some other "safe deletion" in action somewhere during the process? Because "decrypt first, delete and reinstall later" certainly seems weird to me.
    Saturday, January 7, 2017 8:48 AM

All replies

  • "Reset to factory defaults" will write an image file to the drive. The process will not retain any data, nothing will be decrypted, but just overwritten. I guess the warning is only there to make you aware that after resetting to defaults, you'll have a non-encrypted tablet that you need to re-encrypt.

    I have no idea what took so long, but I never used that process myself, we use imaging solutions.

    Saturday, January 7, 2017 12:19 PM