FIX: Lenovo BitLocker requests recovery key at every boot

2 minute read

Home » Fix » FIX: Lenovo BitLocker requests recovery key at every boot

BitLocker encrypts hard drives and flash drives on some Lenovo PCs. However, some Lenova Yoga users have stated in forum posts that BitLocker keeps requesting the recovery key every time they boot up Windows.

Consequently, the users need to enter the key every time they boot up. The issue often arises after motherboard hardware changes.

How to fix Lenovo Bitlocker key issues

1. Update the BitLocker TPM

Users with new motherboads need to repopulate the TPM (Trusted Platform Module) to fix the recovery key requests. A new motherboard’s TPM will not include any info about the BitLocker encryption.

Thus, updating the TPM by temporily suspending protection usually fixes the issue. This is how users can update the TPM in Windows.

  • Open File Explorer with the Windows key + E hotkey.
  • Then right-click the hard drive that BitLocker is turned on for and select Manage BitLocker.
  • A Control Panel applet that includes BitLocker settings will then open. Click the Suspend protection option.
  • A dialog box window will open asking, “Do you want to suspend BitLocker protection?” Press the Yes button to confirm.
  • Then click the Resume protection option a few minutes after suspending protection.
  • Then restart the desktop or laptop.

2. Update the BitLocker TPM via Command Prompt

  • Alternatively, users can update BitLocker’s TPM with the Command Prompt. To do that, press the Windows key + R hotkey.
  • Then enter ‘cmd’ in Run, and press Ctrl + Shift + Enter to open an elevated Command Prompt.

  • Input ‘Manage-bde -status c:’ (for the c: drive) in the Command Prompt, and press the Return key.
  • To delete TPM info, enter ‘Manage-bde – protectors -delete c: -type TPM’ and press Return.

  • Then input ‘Manage-bde -protectors -add c: -tpm’ in the Prompt, and press the Enter key.
  • Close the Command Prompt.
  • Click Restart on the Start menu.

— RELATED: How to turn off BitLocker in Windows 10, 8.1 or 7

3. Turn Off BitLocker

  • Users can turn off BitLocker to stop the pre-boot authentication. To do that, open the Run accessory.
  • Then open the Command Prompt by entering ‘cmd’ in the text box and pressing Ctrl + Shift + Enter.
  • Input ‘manage-bde -off C:’ in the Prompt and press Return to turn off BitLocker.

  • Alternatively, users can turn off the BitLocker service. To do that, open the Run accessory.
  • Enter ‘services.msc’ in Run’s text box and click OK to open the window directly below.

  • Then double-click BitLocker Drive Encryption Services to open its properties window.
  • Select Disabled on the Startup type drop-down menu.
  • Press the Apply button.
  • Click the OK button to close the window.
  • Then restart Windows.

Updating the TPM or turning BitLocker off will probably stop pre-boot recovery key requests. If anybody has further fixes for BitLocker pre-boot authentication, feel free to share them below.

RELATED ARTICLES TO CHECK OUT:

Discussions

Next up

Xbox One update error code 0x8b0500b6 [TESTED FIXES]

Mihai Duna avatar. By: Mihai Duna
2 minute read

Some Xbox One users reported experiencing an issue while trying to update installed apps. The updates come to a halt while being blocked by a […]

Continue Reading

This is how we fixed Origin client loading issues for good

Mihai Duna avatar. By: Mihai Duna
2 minute read

Some users reported experiencing a peculiar issue with Origin. Upon opening the app, they get to a blank page, Origin not being able to load […]

Continue Reading

Steam client goes offline randomly [STEP-BY-STEP GUIDE]

Mihai Duna avatar. By: Mihai Duna
2 minute read

Many Steam users experienced issues with Valve’s online gaming platform. A frustrating issue forcing the Steam client to go offline randomly left gamers in the […]

Continue Reading