What to do when BitLocker failed to encrypt drive

Raluca Nedeianu avatar. By: Raluca Nedeianu
4 minute read
bitlocker failed

For various PC problems, we recommend this tool.

This software will repair common computer errors, protect you from file loss, malware, hardware failure and optimize your PC for maximum performance. Fix PC issues now in 3 easy steps:

  1. Download this PC Repair Tool rated "Excellent" on TrustPilot.com.
  2. Click “Start Scan” to find Windows issues that could be causing PC problems.
  3. Click “Repair All” to fix all issues with Patented Technologies (requires upgrade).


5 solutions to fix BitLocker  failure during encryption

  1. Enable BitLocker without a compatible TPM
  2. Clear TPM (Trusted Platform Module)
  3. Clean disk and re-create the partition with DiskPart
  4. Change the Security Chip settings
  5. Change the settings of USB devices in BIOS

In this article, we are going to talk about several errors that may appear when trying to encrypt your drive using BitLocker. This tool protects your operating system from offline attacks.

Here are some of the most common BitLocker errors:

  • This device can’t use a Trust Platform Module.
    • Go to Solution 1 to fix it.
  • Illegal operation attempted on a registry key that has been marked for deletion.
    • Go to Solution 2 to fix it.
  • BitLocker Drive Encryption cannot be used because critical BitLocker files are missing or corrupted. Use Windows Startup Repair to restore thee file to your computer (0x8031004A).
    • Go to Solution 3 to fix it.
  • The BitLocker encryption key could not be obtained from the Trusted Platform module (TPM) and enhanced PIN. Try using a PIN containing only numerals. C: was not encrypted.
    • Go to Solution 4  to fix it.
  • BitLocker could not be enabled. The data drive is not set to automatically unlock on the current computer and cannot be unlocked automatically. C: was not encrypted.
    • Go to Solution 5 to fix it.

Steps to fix BitLocker drive encryption issues

Solution 1: Enable BitLocker without a compatible TPM

  1. Open Run from Start button, write gpedit.msc and
  2. It will open the Local Group Policy Editor
  3. Click on Administrative Templates from Computer Configuration and then Windows Components.
  4. Select BitLocker Drive
  5. Encryption and then Operating System Drives.bitlocker operating system drives
  6. In that window, double-click on “Require additional authentication at startup”bitlocker Require additional authentication startup
  7. In the new window, select “Enabled” and “Allow BitLocker without a compatible TPM (requires a password or a startup key on an USB flash drive)”.bitlocker Require additional authentication startup
  8. Save the changes by pressing “Apply”.
  9. Now try to encrypt your drive by using BitLocker.

Solution 2: Clear TPM (Trusted Platform Module)

Before starting to clear TPM to factory defaults, please make sure that you backed up your computer. This method may result in data loss.

  1. Open Run from Start button, write tpm.msc and press enter.load management console windows 10
  2. A new management console will open.
  3. Under the Action section on the right, press Click TPM.TPM trusted Platform Module

  4. For various PC problems, we recommend this tool.

    This software will repair common computer errors, protect you from file loss, malware, hardware failure and optimize your PC for maximum performance. Fix PC issues now in 3 easy steps:

    1. Download this PC Repair Tool rated "Excellent" on TrustPilot.com.
    2. Click “Start Scan” to find Windows issues that could be causing PC problems.
    3. Click “Repair All” to fix all issues with Patented Technologies (requires upgrade).

  5. In the Clear TPM Security Hardware box, the simplest solution is to check “I don’t have the owner password” and click OK.
  6. You will be asked to reboot. It will indicate that you should press a key (usually F10) in order to clear the TPM. Press the requested key.
  7. Once the system reboots, you will have to restart. After it restarts, you will be prompted to press a key (usually F10) to enable TPM. Press that key.
  8. The TPM Setup wizard will start for you to enter a TPM owner password.enter TPM owner password

Solution 3: Clean disk and re-create the partition with DiskPart

Before we continue, keep in mind that this method will erase all the information stored on your disk. Do create a back up on a different drive just to make sure that you won’t lose all your files and folders.

  1. Launch Command Prompt as an administrator, type diskpart and hit Enter.diskpart
  2. Enter list disk to show a list of all driveslist disk
  3. Enter select disk #  where # is the problematic drive.  Hit Enter.
  4. Type clean > hit Enter.
  5. Wait until the drive is cleaned. Now, it’s time to create a new partition.
  6. Type create partition primary and hit Enter
  7. Type assign letter = #. Once again, # is the letter you want to use.
  8. Format your partition by typing format fs=ntfs quick. Hit Enter.

Solution 4: Change the Security Chip settings

According to reports, it seems this issue affect machines equipped with Intel PTT Security Chips using particular settings. For example, the BitLocker Drive Encryption used TPM and PIN, and the “Allow BitLocker without a compatible TPM” was turned off.

Also, these machines run the OS in BIOS, not UEFI.

We’ll list the general steps to follow below. Keep in mind that they may vary on your machine.

  1. Start your machine > open BIOS setup
  2. Go to the Security tab > select Security Chip settings.
  3. Select the Discrete TPM option
  4. Go to Clear Security Chip > save your changes.
  5. Restart your machine, log in and enter your PIN. Check if the issue persists.

Please note that if you want to return to the previous settings of the Security Chip, you need to replace the firmware’s boot capability with UEFI boot. Sometimes, you may also need to reinstall the OS.

Solution 5: Change the settings of USB devices in BIOS

This error may appear when trying to encrypt the operating system drive using a USB startup key. The cause of it can be related to some settings in BIOS mode. Here’s a possible fix.

  1. Enter the BIOS setup utility.
  2. Go to Advanced, then Peripheral Configuration.
  3. Access USB Host Controller and USB Devices.
  4. The setting of the USB Devices should be All.USB Host controller BIOS

We hope that these solutions helped you to fix your Bitlocker encryption problems.

If you’ve got additional tips and suggestions, feel free to list them below.

RELATED POSTS TO CHECK OUT:

For various PC problems, we recommend this tool.

This software will repair common computer errors, protect you from file loss, malware, hardware failure and optimize your PC for maximum performance. Fix PC issues now in 3 easy steps:

  1. Download this PC Repair Tool rated "Excellent" on TrustPilot.com.
  2. Click “Start Scan” to find Windows issues that could be causing PC problems.
  3. Click “Repair All” to fix all issues with Patented Technologies (requires upgrade).

Discussions

Next up

Mozilla adds alerts about recently breached sites into Firefox browser

Giles Ensor avatar. By: Giles Ensor
3 minute read

Firefox has announced that it will start to warn users if they visit any breached sites. This is in an attempt to not only make […]

Continue Reading

More uncertainty for Microsoft’s Windows 10 October Update

Giles Ensor avatar. By: Giles Ensor
3 minute read

Oh dear. It’s been a pretty bad month for Microsoft concerning its Windows 10 October 1809 Update release. Microsoft eventually released the update a couple […]

Continue Reading

Confirmed: Microsoft now accepting ARM64 apps on its Store

Giles Ensor avatar. By: Giles Ensor
2 minute read

Yesterday, Microsoft released Visual Studio 15.9. With it came the announcement that “developers now have the officially supported SDK and tools for creating 64-bit ARM […]

Continue Reading