From LedHed's Wiki
Jump to: navigation, search
(Created page with "== Overview == If you use BitLocker and find yourself in a situation where upon reboot your computer keeps prompting you for a BitLocker Recovery Password you may have exceede...")
 
 
(One intermediate revision by the same user not shown)
Line 1: Line 1:
 
== Overview ==
 
== Overview ==
 
If you use BitLocker and find yourself in a situation where upon reboot your computer keeps prompting you for a BitLocker Recovery Password you may have exceeded the max number of password attempts.
 
If you use BitLocker and find yourself in a situation where upon reboot your computer keeps prompting you for a BitLocker Recovery Password you may have exceeded the max number of password attempts.
 +
 +
 +
 +
== Causes ==
 +
There are many possible causes for this phenomena.
 +
*Entering the personal identification number (PIN) incorrectly too many times so that the anti-hammering logic of the TPM is activated.
 +
*Changing the boot order to boot another drive in advance of the hard drive.
 +
*Having the CD or DVD drive before the hard drive in the BIOS boot order and then inserting or removing a CD or DVD.
 +
*Docking or undocking a portable computer. In some instances (depending on the computer manufacturer and the BIOS), the docking condition of the portable computer is part of the system measurement and must be consistent to validate the system status and unlock BitLocker. This means that if a portable computer is connected to its docking station when BitLocker is turned on, then it might also need to be connected to the docking station when it is unlocked. Conversely, if a portable computer is not connected to its docking station when BitLocker is turned on, then it might need to be disconnected from the docking station when it is unlocked.
 +
*Turning off, disabling, deactivating, or clearing the TPM.
 +
*Updating option ROM firmware.
 +
*Upgrading TPM firmware.
 +
*Changes to the master boot record on the disk.
 +
For a full list see:  https://technet.microsoft.com/en-us/library/dn383583(v=ws.11).aspx
 +
  
  
Line 14: Line 29:
  
  
Once you've booted back into Windows, you can resume BitLocker protection by going to the control panel and clicking 'Manage BitLocker'
+
Once you've booted back into Windows, you can resume BitLocker protection by going to the control panel and clicking 'Manage BitLocker'. If you are able to boot into the OS without going to Windows Recover, then you can suspend and resume BitLocker through the control panel. Reboot at least once to confirm the recovery loop has been cleared.
 +
 
  
  
Line 20: Line 36:
 
https://social.technet.microsoft.com/wiki/contents/articles/18671.bitlocker-troubleshooting-continuous-reboot-loop-with-bitlocker-recovery-on-a-slate-device.aspx
 
https://social.technet.microsoft.com/wiki/contents/articles/18671.bitlocker-troubleshooting-continuous-reboot-loop-with-bitlocker-recovery-on-a-slate-device.aspx
  
 
+
https://technet.microsoft.com/en-us/library/dn383583(v=ws.11).aspx
  
 
[[Category:BitLocker]]
 
[[Category:BitLocker]]

Latest revision as of 17:41, 20 July 2017

Overview

If you use BitLocker and find yourself in a situation where upon reboot your computer keeps prompting you for a BitLocker Recovery Password you may have exceeded the max number of password attempts.


Causes

There are many possible causes for this phenomena.

  • Entering the personal identification number (PIN) incorrectly too many times so that the anti-hammering logic of the TPM is activated.
  • Changing the boot order to boot another drive in advance of the hard drive.
  • Having the CD or DVD drive before the hard drive in the BIOS boot order and then inserting or removing a CD or DVD.
  • Docking or undocking a portable computer. In some instances (depending on the computer manufacturer and the BIOS), the docking condition of the portable computer is part of the system measurement and must be consistent to validate the system status and unlock BitLocker. This means that if a portable computer is connected to its docking station when BitLocker is turned on, then it might also need to be connected to the docking station when it is unlocked. Conversely, if a portable computer is not connected to its docking station when BitLocker is turned on, then it might need to be disconnected from the docking station when it is unlocked.
  • Turning off, disabling, deactivating, or clearing the TPM.
  • Updating option ROM firmware.
  • Upgrading TPM firmware.
  • Changes to the master boot record on the disk.

For a full list see: https://technet.microsoft.com/en-us/library/dn383583(v=ws.11).aspx


Solution

While in Windows Recovery (WinRE) run the following commands:

manage-bde -status c:

If the status comes back as 'Locked' then:

manage-bde -unlock c: -rp <your 48-digit recovery password>
manage-bde -protectors -disable c:


Once you've booted back into Windows, you can resume BitLocker protection by going to the control panel and clicking 'Manage BitLocker'. If you are able to boot into the OS without going to Windows Recover, then you can suspend and resume BitLocker through the control panel. Reboot at least once to confirm the recovery loop has been cleared.


Reference

https://social.technet.microsoft.com/wiki/contents/articles/18671.bitlocker-troubleshooting-continuous-reboot-loop-with-bitlocker-recovery-on-a-slate-device.aspx

https://technet.microsoft.com/en-us/library/dn383583(v=ws.11).aspx