From LedHed's Wiki
(Created page with "== Overview == If you use BitLocker and find yourself in a situation where upon reboot your computer keeps prompting you for a BitLocker Recovery Password you may have exceede...") |
|||
| Line 1: | Line 1: | ||
== Overview == | == Overview == | ||
If you use BitLocker and find yourself in a situation where upon reboot your computer keeps prompting you for a BitLocker Recovery Password you may have exceeded the max number of password attempts. | If you use BitLocker and find yourself in a situation where upon reboot your computer keeps prompting you for a BitLocker Recovery Password you may have exceeded the max number of password attempts. | ||
| + | |||
| + | |||
| + | |||
| + | == Causes == | ||
| + | There are many possible causes for this phenomena. | ||
| + | *Entering the personal identification number (PIN) incorrectly too many times so that the anti-hammering logic of the TPM is activated. | ||
| + | *Changing the boot order to boot another drive in advance of the hard drive. | ||
| + | *Having the CD or DVD drive before the hard drive in the BIOS boot order and then inserting or removing a CD or DVD. | ||
| + | *Docking or undocking a portable computer. In some instances (depending on the computer manufacturer and the BIOS), the docking condition of the portable computer is part of the system measurement and must be consistent to validate the system status and unlock BitLocker. This means that if a portable computer is connected to its docking station when BitLocker is turned on, then it might also need to be connected to the docking station when it is unlocked. Conversely, if a portable computer is not connected to its docking station when BitLocker is turned on, then it might need to be disconnected from the docking station when it is unlocked. | ||
| + | *Turning off, disabling, deactivating, or clearing the TPM. | ||
| + | *Updating option ROM firmware. | ||
| + | *Upgrading TPM firmware. | ||
| + | *Changes to the master boot record on the disk. | ||
| + | For a full list see: https://technet.microsoft.com/en-us/library/dn383583(v=ws.11).aspx | ||
| + | |||
| Line 20: | Line 35: | ||
https://social.technet.microsoft.com/wiki/contents/articles/18671.bitlocker-troubleshooting-continuous-reboot-loop-with-bitlocker-recovery-on-a-slate-device.aspx | https://social.technet.microsoft.com/wiki/contents/articles/18671.bitlocker-troubleshooting-continuous-reboot-loop-with-bitlocker-recovery-on-a-slate-device.aspx | ||
| − | + | https://technet.microsoft.com/en-us/library/dn383583(v=ws.11).aspx | |
[[Category:BitLocker]] | [[Category:BitLocker]] | ||
Revision as of 17:40, 20 July 2017
Contents
Overview
If you use BitLocker and find yourself in a situation where upon reboot your computer keeps prompting you for a BitLocker Recovery Password you may have exceeded the max number of password attempts.
Causes
There are many possible causes for this phenomena.
- Entering the personal identification number (PIN) incorrectly too many times so that the anti-hammering logic of the TPM is activated.
- Changing the boot order to boot another drive in advance of the hard drive.
- Having the CD or DVD drive before the hard drive in the BIOS boot order and then inserting or removing a CD or DVD.
- Docking or undocking a portable computer. In some instances (depending on the computer manufacturer and the BIOS), the docking condition of the portable computer is part of the system measurement and must be consistent to validate the system status and unlock BitLocker. This means that if a portable computer is connected to its docking station when BitLocker is turned on, then it might also need to be connected to the docking station when it is unlocked. Conversely, if a portable computer is not connected to its docking station when BitLocker is turned on, then it might need to be disconnected from the docking station when it is unlocked.
- Turning off, disabling, deactivating, or clearing the TPM.
- Updating option ROM firmware.
- Upgrading TPM firmware.
- Changes to the master boot record on the disk.
For a full list see: https://technet.microsoft.com/en-us/library/dn383583(v=ws.11).aspx
Solution
While in Windows Recovery (WinRE) run the following commands:
manage-bde -status c:
If the status comes back as 'Locked' then:
manage-bde -unlock c: -rp <your 48-digit recovery password>
manage-bde -protectors -disable c:
Once you've booted back into Windows, you can resume BitLocker protection by going to the control panel and clicking 'Manage BitLocker'
Reference
https://technet.microsoft.com/en-us/library/dn383583(v=ws.11).aspx