Bitlocker asking for password on each boot / restart

Question

Hi, recently I used partition software to recover some unallocated space, during this, it asked me to turn off device encryption, which I did.

This is on a Windows 11 Home laptop.

I didn't realise at the time it would cause this much issue.

So I fixed the unallocated space issue, then I wanted to turn device encryption back on, I then found the options to turn it back on, had completely vanished.

The partition software I used could turn it back on, but this was a pro feature, so I felt compelled it buy it, so I could turn it back on.

I encrypted my drive using the software, and now every time I boot or restart, I get a blue screen asking me to put my password in.

I did setup a password so can get into Windows, I had to add a password, as the software wouldn't let me past that option without putting one in.

I have tried a couple of things myself. In control panel and device encryption, there's no open on there to turn auto unock on

I have also tried using the following in command prompt:

manage-bde -autounlock -enable c:

and get the following error:

PS C:\Users\James> manage-bde -autounlock -enable c:
BitLocker Drive Encryption: Configuration Tool version 10.0.22621
Copyright (C) 2013 Microsoft Corporation. All rights reserved.

ERROR: Automatic unlocking cannot be used on the OS volume.

Is there any way to fix this? I would be really grateful for any help, as this is really annoying.

Regards

James

***moved from Windows / Windows 11 / Install and upgrade***

Answer 1

Hello James_humphrey1981，

Thank you for posting in Microsoft Community forum.

It seems like the third-party software you used has applied a non-standard encryption process that is causing the BitLocker auto-unlock feature to not function as expected. Here are a few steps you can try to get back to a normal state where you can use BitLocker as intended:

Option 1: Decrypt with Third-Party Software and Use Windows BitLocker

1. Decrypt the Drive: Use the same third-party software to decrypt the drive, since it seems to have been encrypted by this tool.
2. Remove Third-Party Software: Once the drive is decrypted, remove or disable the third-party software to avoid conflicts.
3. Enable BitLocker:
   • Open Settings.
   • Go to Privacy & security.
   • Select Device encryption.
   • Turn on Device encryption.
   • Follow the on-screen instructions to set up BitLocker.
4. Restart: Restart your computer to make sure that BitLocker is set up correctly and checks if the auto-unlock feature is working.

Option 2: Use BitLocker from Command Line

If the options in the Settings are still not available, you can try using the BitLocker command line tools to enable BitLocker encryption:

1. Open Command Prompt with Administrative Privileges:
   • Press Win + X.
   • Select Windows Terminal (Admin) or Command Prompt (Admin).
2. Disable the Current Encryption: Ensure that the drive is decrypted using the third-party tool.
3. Enable BitLocker:

   
       manage-bde -on C: -RecoveryPassword 
   
   

4. Create a Recovery Password: This command will prompt you to save a recovery password. Make sure to save it in a safe place.
5. Restart Your Computer: Once the encryption process is complete, restart your computer to ensure BitLocker is working as intended.

Option 3: Repair BitLocker Settings

If you suspect that BitLocker settings might be corrupted, you can reset the TPM (Trusted Platform Module) settings:

1. Open TPM Management:
   • Press Win + R.
   • Type tpm.msc and press Enter.
2. Clear TPM:
   • In TPM Management, select Clear TPM.
   • Follow the instructions to clear the TPM.
   • Note: This will require a restart and additional confirmations.
3. Re-enable BitLocker:
   • Open Settings.
   • Go to Privacy & security.
   • Select Device encryption.
   • Turn on Device encryption.

Option 4: Repair Boot Configuration Data (BCD)

If none of the above options work, it might be worth checking your Boot Configuration Data:

1. Open Command Prompt with Administrative Privileges.
2. Run BCD Repair Commands:

   
       bootrec /fixmbr 
   
       bootrec /fixboot 
   
       bootrec /scanos 
   
       bootrec /rebuildbcd 
   
   

3. Restart Your Computer**: Check if the issue persists.

Important Notes:

- Always ensure you have backups of any important data before making significant changes to your system.

- Ensure you have your BitLocker recovery key saved in a secure location before performing actions that might affect BitLocker.

I hope the information above is helpful.

If you have any question or concern, please feel free to let us know.

Best Regards,

Haijian Shan

Answer 2

Hi and thank you for your reply.

In regard to method 1, I no longer have the device encryption option in control panel or in settings > privacy & security

I tried the command prompt way, and get the following error:

PS C:\Users\James> manage-bde -on C: -RecoveryPassword
BitLocker Drive Encryption: Configuration Tool version 10.0.22621
Copyright (C) 2013 Microsoft Corporation. All rights reserved.

Volume C: []
[OS Volume]
ERROR: An error occurred (code 0x8031005a):
This version of Windows does not support this feature of BitLocker Drive Encryption. To use this feature, upgrade the operating system.

NOTE: If the -on switch has failed to add key protectors or start encryption,
you may need to call "manage-bde -off" before attempting -on again.

Regards

James

Answer 3

Hello  James_humphrey1981，

Thank you for your reply.

It appears that you are encountering multiple issues stemming from the use of third-party encryption software, combined with the limitations of Windows 11 Home, which does not support full BitLocker functionality like the Pro version does.

It may be helpful to reinstall Windows 11 completely to ensure a clean state. This can be a last resort if the system integrity has been heavily compromised by the third-party encryption software.

Best Regards,

Haijian Shan