I've run into a very strange problem with my Lenovo laptop (Windows 10).
I have been using my laptop for over two years and have not enabled bitlocker. My machine is not registered to a domain. At startup I always enter the password for my local windows account.
One thing that happened recently was that my integrated camera stopped working and I updated the firmware. Shortly after it appears my laptop crashed and after a system shutdown my machine entered into the BitLocker recovery mode with the following message:
"Enter the recovery key for this drive. You need to enter your recovery key because Secure Boot policy has unexpectedly changed."
Like I mentioned, I have never enabled BitLocker on my machine itself, and therefore I do not have a recovery key.
Whenever I run manage-bde -status I get the results below. A lot is marked as 'Unknown', but I don't know if that means anything.
BitLocker Drive Encryption: Configuration Tool version 10.0.19041Copyright (C) 2013 Microsoft Corporation. All rights reserved.Volume C: [Label Unknown][Data Volume] Size: Unknown GB BitLocker Version: 2.0 Conversion Status: Unknown Percentage Encrypted: Unknown% Encryption Method: XTS-AES 128 Protection Status: Unknown Lock Status: Locked Identification Field: Unknown Automatic Unlock: Disabled Key Protectors: Numerical Password | TPM
Question: Is there any way to still be able to get access to my data?
FAQs
I understand you are encountering a BitLocker recovery key prompt after updating your BIOS, it generally means that the system's security configuration changed, prompting BitLocker to require the recovery key to ensure the system hasn't been tampered with.
Why did BitLocker randomly show up? ›
If you experiences that the computer shows BitLocker recovery screen after power on, it means that the HDD/SDD has been encrypted. (HDD/SDD is locked.) Once PC hardware components have been replaced or BIOS settings have been changed, all may cause system shows BitLocker recovery screen after power on.
Why did I get a BitLocker recovery message? ›
Bitlocker recovery mode can be triggered by a number of situations, including: A malicious attempt by a person or software to change the startup environment. Rootkits are one example. Moving the BitLocker-protected drive into a new computer.
How does BitLocker get turned on automatically? ›
It starts on the supported device when you set up it for the first time and automatically encrypts the internal drive when you sign in with a Microsoft Account or an Azure Active Directory account. And the whole process is without the user's intervention.
Why would a computer need a BitLocker recovery key? ›
BitLocker stores system details when first turned on and prompts for a recovery key if major changes are detected. If prompted on every startup, one can update BitLocker's record of the system by suspending and resuming BitLocker.
Why did my computer activate BitLocker? ›
If a device doesn't initially qualify for device encryption, but then a change is made that causes the device to qualify (for example, by turning on_Secure Boot_), device encryption enables BitLocker automatically as soon as it detects it.
What malware turns on BitLocker? ›
The malware ShrinkLocker alters various registry keys to change how BitLocker handles encryption, potentially bypassing TPM requirements, enabling BitLocker without TPM and enforcing specific startup key and PIN configurations.
How was BitLocker activated on my device? ›
An owner or administrator of your device activated BitLocker protection (also called device encryption on some devices) through the Settings app or Control Panel: In this case the user activating BitLocker either selected where to save the key or (in the case of device encryption) it was automatically saved to their ...
How do I ignore BitLocker recovery? ›
Navigate to Troubleshoot > Advanced Options > Startup Settings 2. Press Restart 3. Skip the first Bitlocker recovery key prompt by pressing Esc 4. Skip the second Bitlocker recovery key prompt by selecting Skip This Drive in the bottom right 5.
Is BitLocker legit? ›
Not 100% Secure: While BitLocker provides strong protection against most cyber threats, there are some cases where it can be bypassed by malicious actors with sophisticated techniques.
Ok, so as you know, Bitlocker is a feature on Windows that lets you and I encrypt our hard drives. At times, it can randomly ask users for a recovery key, and it can be due to the following reasons: Entering the incorrect pin numerous times. You forgot the pin.
Is BitLocker activated by default? ›
BitLocker automatic device encryption starts during Out-of-box (OOBE) experience. However, protection is enabled (armed) only after users sign in with a Microsoft Account or an Azure Active Directory account. Until that, protection is suspended and data is not protected.
Does Windows 11 automatically enable BitLocker? ›
That means if you clean install Windows 11 later this year or buy a new PC with 24H2 installed, BitLocker device encryption will be enabled by default.
How do I get my computer out of BitLocker recovery? ›
On the BitLocker recovery screen asking for the recovery key, press Esc for more BitLocker recovery options and then select "Skip this drive."
Why is my computer asking for BitLocker recovery key after Windows Update? ›
Open a web browser on another device, navigate to https://aka.ms/aadrecoverykey and log in to your work or school account, then click on [Devices]①. Expand the device for which you want to find the BitLocker recovery key②, and then click [View Bitlocker Keys]③. Match the Key ID, and then click [Show recovery key]④.
