BitLocker suddenly activated on my machine, prompting for recovery key that I don't have

SSD 0 Reputation points
2024-01-04T11:55:22.2766667+00:00

I've run into a very strange problem with my Lenovo laptop (Windows 10).

I have been using my laptop for over two years and have not enabled BitLocker. My machine is not registered to a domain. At startup I always enter the password for my local Windows account.

One thing that happened recently was that my integrated camera stopped working and I updated the firmware. Shortly after, it appears my laptop crashed, and after a system shutdown my machine entered BitLocker recovery mode with the following message:

"Enter the recovery key for this drive. You need to enter your recovery key because Secure Boot policy has unexpectedly changed."

Like I mentioned, I have never enabled BitLocker on my machine itself, and therefore I do not have a recovery key.

Whenever I run manage-bde -status I get the results below. A lot is marked as 'Unknown', but I don't know if that means anything.

BitLocker Drive Encryption: Configuration Tool version 10.0.19041
Copyright (C) 2013 Microsoft Corporation. All rights reserved.

Volume C: [Label Unknown]
[Data Volume]

    Size:                 Unknown GB
    BitLocker Version:    2.0
    Conversion Status:    Unknown
    Percentage Encrypted: Unknown%
    Encryption Method:    XTS-AES 128
    Protection Status:    Unknown
    Lock Status:          Locked
    Identification Field: Unknown
    Automatic Unlock:     Disabled
    Key Protectors:       Numerical Password | TPM

Question: Is there any way to still be able to get access to my data?

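An added example, not part of the original thread: a Python parser for the `manage-bde -status` output quoted in the question, reporting whether a volume is locked and which key protectors it lists. `Numerical Password` is manage-bde's name for the 48-digit recovery password; the function names and the handling of protectors listed one per line are assumptions of this example.

```python
import re

# The `manage-bde -status` output quoted in the question (copyright line and
# blank lines trimmed), embedded as sample input so the example runs offline.
SAMPLE = """\
BitLocker Drive Encryption: Configuration Tool version 10.0.19041
Volume C: [Label Unknown]
[Data Volume]
    Size:                 Unknown GB
    BitLocker Version:    2.0
    Conversion Status:    Unknown
    Percentage Encrypted: Unknown%
    Encryption Method:    XTS-AES 128
    Protection Status:    Unknown
    Lock Status:          Locked
    Identification Field: Unknown
    Automatic Unlock:     Disabled
    Key Protectors:       Numerical Password | TPM
"""

VOLUME_RE = re.compile(r"^Volume\s+(\S+:)\s*\[(.*)\]\s*$")

def parse_status(text):
    """Return {drive: {field: value}} parsed from `manage-bde -status` text."""
    volumes, fields, last = {}, None, None
    for raw in text.splitlines():
        line = raw.strip()
        m = VOLUME_RE.match(line)
        if m:                                   # start of a new volume block
            fields = volumes.setdefault(m.group(1), {"Label": m.group(2)})
            last = None
        elif fields is None or not line or line.startswith("["):
            continue                            # banner, blank or "[Data Volume]"
        elif ":" in line:
            last, _, value = line.partition(":")
            fields[last] = value.strip()
        elif last:                              # assumed form: one protector per line
            fields[last] = (fields[last] + " | " + line).strip(" |")
    return volumes

def triage(fields):
    """Summarise what one volume's status block says about unlocking it."""
    prot = [p.strip() for p in fields.get("Key Protectors", "").split("|") if p.strip()]
    return {
        "locked": fields.get("Lock Status") == "Locked",
        "protectors": prot,
        "recovery_password_exists": "Numerical Password" in prot,
        "tpm_bound": any(p.startswith("TPM") for p in prot),
        "unreadable_fields": sorted(k for k, v in fields.items() if v.startswith("Unknown")),
    }
```

For the quoted output, `triage(parse_status(SAMPLE)["C:"])` reports a locked volume with both a TPM protector and a recovery-password protector.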

1 answer

  1. Anonymous
    2024-01-08T01:54:04.7466667+00:00

    Hello,
    Check if we could find the recovery key by following the steps below:
    https://support.microsoft.com/en-us/windows/finding-your-bitlocker-recovery-key-in-windows-6b71ad27-0b89-ea08-f143-056f5ab347d6

    Then try disabling Secure Boot in the BIOS to check.

    Based on my search, several things could cause BitLocker encryption to be enabled automatically. You could check the Device encryption part in the link below.
    https://learn.microsoft.com/en-us/windows/security/operating-system-security/data-protection/bitlocker/#device-encryption

    If a device doesn't initially qualify for device encryption, but then a change is made that causes the device to qualify (for example, by turning on Secure Boot), device encryption enables BitLocker automatically as soon as it detects it. Or, when a clean installation of Windows is completed and the out-of-box experience is finished, the device is prepared for first use. As part of this preparation, device encryption is initialized on the OS drive and fixed data drives on the computer with a clear key that is the equivalent of standard BitLocker suspended state. In this state, the drive is shown with a warning icon in Windows Explorer.

    So I think the BIOS update you performed triggered some function and changed the hardware.

    Maybe you could also use manage-bde -off E: to check.

    Check the BitLocker FAQ:

    https://learn.microsoft.com/en-us/windows/security/operating-system-security/data-protection/bitlocker/faq

    Best Regards,
    Hania Lian
