What to do if BitLocker fails to encrypt the drive

by Madalina Dinita
Madalina Dinita
Madalina Dinita
Windows & Software Expert
Madalina has been a Windows fan ever since she got her hands on her first Windows XP computer. She is interested in all things technology, especially emerging technologies... read more
Affiliate Disclosure
  • BitLocker sometimes fails to encrypt disk drives, displaying several error messages.
  • Usually, this problem appears when the users are upgrading their OS to a newer version.
  • Cleaning the disk and re-creating the partition will most likely solve the issue right away.
  • A good solution is also to enable BitLocker without a compatible Trusted Platform Module.
What to do if BitLocker fails to encrypt the drive

To fix various PC problems, we recommend Restoro PC Repair Tool:
This software will repair common computer errors, protect you from file loss, malware, hardware failure and optimize your PC for maximum performance. Fix PC issues and remove viruses now in 3 easy steps:

  1. Download Restoro PC Repair Tool that comes with Patented Technologies (patent available here).
  2. Click Start Scan to find Windows issues that could be causing PC problems.
  3. Click Repair All to fix issues affecting your computer's security and performance
  • Restoro has been downloaded by 0 readers this month.

BitLocker is a Windows 10 built-in tool that you can activate on your OS to protect your hard drives or removable drives from offline attacks.

While this is a most welcome software offered by Microsoft for privacy purposes, the tool has its glitches.

For instance, users complained about protected drives that were unusable when migrating from an older OS version to a newer one.

Other common BitLocker reported error messages are:

  • This device can’t use a Trust Platform Module
  • Illegal operation attempted on a registry key that has been marked for deletion
  • BitLocker Drive Encryption cannot be used because critical BitLocker files are missing or corrupted; use Windows Startup Repair to restore the file to your computer (0x8031004A)
  • The BitLocker encryption key could not be obtained from the Trusted Platform Module (TPM) and enhanced PIN; try using a PIN containing only numerals. C: was not encrypted
  • BitLocker could not be enabled; the data drive is not set to automatically unlock on the current computer and cannot be unlocked automatically. C: was not encrypted
  • The drive cannot be encrypted because it contains system boot information

For each of these errors, you’ll find a solution in this article. Hopefully, by the end of this material, you’ll be able to use BitLocker to the best of your needs.

How can I fix BitLocker drive encryption issues?

  1. Clean the disk and re-create the partition
  2. Change the Security Chip settings
  3. Enable BitLocker without a compatible TPM
  4. Clear the TPM (Trusted Platform Module)
  5. Change the settings of USB devices in BIOS

1. Clean the disk and re-create the partition

1.1 Clear the partition with a third-party software

Before we continue, keep in mind that this method will erase all the information stored on your disk.

It’s advisable to create a backup on a different drive just to make sure that you won’t lose all your files and folders.

For less hassle, you could assign this task to a third-party dedicated tool that will surely do the right thing. On this note, we recommend the excellent tool below.

It is a multifunctional assistant, that will manage, partition, and optimize your hard drive according to your needs.

If you have a backup, as mentioned, run this software to split, move, resize and manage your partitions, without data loss, to make the most of your disk space.

In this case, you’ll want to use the Format Partition feature, to fresh-clean the disk, so that you can move the saved data back in the blank space.

Get AOMEI Partition Assistant

Expert Tip: Some PC issues are hard to tackle, especially when it comes to corrupted repositories or missing Windows files. If you are having troubles fixing an error, your system may be partially broken. We recommend installing Restoro, a tool that will scan your machine and identify what the fault is.
Click here to download and start repairing.

1.2 Clear the partition manually

  1. Type cmd in the Windows search tab and click on Run as administrator to launch Command Prompt as an administrator.
  2. Type diskpart, and hit Enter.diskpart
  3. Enter list disk to show a list of all drives.list disk
  4. Enter select disk #  (where # is the problematic drive) and hit Enter.
  5. Type clean and hit Enter.
  6. Wait until the drive is cleaned. Now, it’s time to create a new partition.
  7. Type create partition primary and hit Enter
  8. Type assign letter = # (Once again, # is the letter you want to use).
  9. Format your partition by typing format fs=ntfs quick and hit Enter.

The manual process can be tricky so proceed with extreme care and follow it to the letter. If you’re not experienced, you should go with the software recommended above.

2. Change the Security Chip settings

  1. Start your machine and open the BIOS setup.
  2. Go to the Security tab and select Security Chip settings.
  3. Select the Discrete TPM option.
  4. Go to Clear Security Chip and save your changes.
  5. Restart your machine, log in, and enter your PIN. Check if the issue persists.

According to reports, it seems this issue affects machines equipped with Intel PTT Security Chips using particular settings.

Namely, when the issue occurred, the BitLocker Drive Encryption used TPM and PIN, and the Allow BitLocker without a compatible TPM option was turned off.

Also, the machines were running the OS in BIOS, not UEFI. We listed the general steps to follow above. Keep in mind that they may vary on your machine.

If you want to reverse the action, you need to replace the firmware’s boot capability with UEFI boot. Sometimes, you may also need to reinstall the OS.

In case you cannot arrive at a fix, we strongly recommend you to switch to using the software below, which is a powerful encryption tool.

Its wide range of security features includes copying encrypted lockers to the USB drive, CDs, DVDs, and even email attachments, as well as the possibility to upload your encrypted files to a cloud server.

Get Folder Lock

3. Enable BitLocker without a compatible TPM

  1. Open Run from Start button, write gpedit.msc, and hit OK.
  2. It will open the Local Group Policy Editor.
  3. Click on Administrative Templates from Computer Configuration and then on Windows Components.
  4. Select BitLocker Drive.
  5. Go to Encryption and then to Operating System Drives.bitlocker operating system drives
  6. Double-click on Require additional authentication at startup.bitlocker Require additional authentication startup
  7. In the new window, select Enabled and Allow BitLocker without a compatible TPM (requires a password or a startup key on a USB flash drive).bitlocker Require additional authentication startup
  8. Save the changes by hitting Apply.
  9. Now try to encrypt your drive by using BitLocker.

Enabling BitLocker from the Group Policy Editor without TPE can solve this problem quickly so make sure you try it by using the steps above.

4. Clear the TPM (Trusted Platform Module)

  1. Open Run from Start button, write tpm.msc, and press Enter.load management console windows 10
  2. A new management console will open.
  3. Under the Action tab, on the right, press Clear TPM.TPM trusted Platform Module
  4. In the Clear TPM Security Hardware box, the simplest solution is to check I don’t have the owner password and click OK.
  5. You will be asked to reboot. It will indicate that you should press a key (usually F10) in order to clear the TPM.
  6. Once the system reboots, you will be prompted to press a key (usually F10) to enable TPM. Press that key.
  7. The TPM Setup wizard will start for you to enter a TPM owner password.enter TPM owner password

<!– wp:windowsreport-companion/editorial-note-block {“text”:”Note: Before starting to clear TPM settings, please make sure that you backed up your computer, as mentioned in the first solution. This method may result in data loss.”,”icon”:”//cdn.windowsreport.com/wp-content/themes/windowsreport/assets/images/svg/note-pencil.svg”} /–>

5. Change the settings of USB devices in BIOS

  1. Enter the BIOS setup utility (Consult the manual from the manufacturer to learn how to do that for your specific model).
  2. Go to Advanced, then Peripheral Configuration.
  3. Access USB Host Controller and USB Devices.
  4. The setting of the USB Devices should be All.USB Host controller BIOS

This solution applies when BitLocker fails to encrypt the operating system drive using a USB startup key. The cause of it can be related to some settings in BIOS mode.

BitLocker usually does a great job encrypting your data, but after that, don’t forget to safeguard them with one of the best automatic backup software for Windows 10.

We hope that these solutions helped you to fix your BitLocker encryption problems. If you’ve got additional tips and suggestions, feel free to list them in the comments section below.

idee restoro Still having issues? Fix them with this tool:
  1. Download this PC Repair Tool rated Great on TrustPilot.com (download starts on this page).
  2. Click Start Scan to find Windows issues that could be causing PC problems.
  3. Click Repair All to fix issues with Patented Technologies (Exclusive Discount for our readers).

Restoro has been downloaded by 0 readers this month.

Frequently Asked Questions

  • You can clean the partition and reformat it. If it sounds too complicated, follow our guide on what to do if BitLocker fails to encrypt your data.

  • You will need to check the recovery passwords. If you can’t manage to do that, we have a step-by-step guide to fix the BitLocker failed to unlock issue.

  • You can only do that by formatting the drive. But if you don’t want it to encrypt your drive you can also disable it in Windows 10.

This article covers:Topics: