Bitlocker hardware encrypted separate data drive impossible to unlock after hibernation wake up

fplk 0 Reputation points


I've enabled bitlocker (hardware-encryption) for a volume on a secondary drive. Now, whenever my laptop wakes up from hibernation, the locked volume on the secondary drive isn't unlocked and becomes impossible to unlock. It is set up to auto unlock, but it's not possible to unlock it manually if it's locked with password/recovery key. Issuing manage-bde commands manually reports success yet produces no observable change in behavior.

Configuration that I now have is:

  • Disk 0 - 980 Pro
    • Partition 0 - OS - HW encrypted - works
      • Partition 1 - Data - HW encrypted - works
  • Disk 1 - 990 Pro
    • Partition 0 - Data - HW encrypted - broken

When I had disk0 with SW encryption, I had effectively the same problem. Switching disk 1 to SW encryption makes it unlock fine. After reboot / cold start, everything works as expected as well.

What I also noticed, is that the event sequence is slightly different for cold start & hibernation paths. For cold start (when things work), I see EnhancedStorage-EhStorTcgDrv (which, looking at the name, is responsible for edrive communication) issuing events 100 and 12.

On hibernation, it yields different sequence of events (see attachment) with event id's 100 and 13 (issuing authentication ops and reporting success).

See this for both logs; totally willing to provide more / any info if needed.

Would be really grateful for any eng help on this. Thank you!

Windows 11
Windows 11
A Microsoft operating system designed for productivity, creativity, and ease of use.
6,814 questions
{count} votes

1 answer

Sort by: Most helpful
  1. kuro68k 1 Reputation point

    Same problem, and I have a solution. Forget BitLocker, it's broken for hardware encryption and Microsoft isn't interested in fixing it.

    Use sedutil instead. On boot it unlocks all drives. Works with hibernation. The only downside is that it doesn't support Sleep.