![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(105.60000000000001, 64%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EP%3C/text%3E%3C/svg%3E)
BitLocker cannot be bypassed or turned off without administrative access and, if prompted, the correct BitLocker recovery key. The repeated prompt indicates BitLocker is detecting a condition it treats as a possible attack (for example, hardware/firmware changes), so it requires the recovery key at startup.
To stop being prompted, the BitLocker recovery key must first be found and used to unlock the drive, then BitLocker can be managed (for example, keys re-backed up or BitLocker turned off) from within Windows. If the recovery key cannot be found, there is no supported way to bypass BitLocker and keep the existing data; the only option is to reset or reinstall Windows, which removes all files on the drive.
Steps to locate and use the recovery key without contacting support:
- Try the common recovery key locations:
- Microsoft account or work/school account:
- If the device is signed in with a personal Microsoft account, sign in from another device and check for saved keys as described in Find your BitLocker recovery key.
- If the device is or was joined to a work or school organization, from another device:
- Open a browser and go to
https://aka.ms/aadrecoverykey. - Sign in with the work or school account.
- Select Devices, expand the affected device, and choose View BitLocker Keys.
- Match the Key ID shown on the BitLocker screen to the listed key, then enter the 48-digit recovery key on the laptop.
- Open a browser and go to
- Printed copy: Check any printed documents where a BitLocker recovery key might have been saved.
- USB flash drive: If the key was saved to a USB drive, plug it into another device and open the text file containing the 48-digit key.
- Microsoft account or work/school account:
- Enter the 48-digit recovery key:
- On the BitLocker recovery screen, type the 48-digit key (hyphens are optional). If correct, Windows will start normally.
- After Windows starts, ensure the key is safely backed up:
- Follow Back up your BitLocker recovery key to save the key to a secure location (for example, Microsoft account, a USB drive, or a printed copy).
- To avoid future prompts:
- If the device is managed by an organization, policy may enforce BitLocker and recovery prompts; in that case, only the organization’s IT can change the behavior.
- If it is a personal device and BitLocker is not needed, BitLocker can be turned off from within Windows only after successfully unlocking the drive. This decrypts the drive and removes the need for a recovery key in the future.
If the recovery key cannot be found in any of the supported locations and the device is not managed by an organization that can provide it, there is no supported way to unlock the encrypted drive. In that case, the only option is to reset the device using Windows recovery options, which will remove all files on the drive.
References: