Solved

Bitlocker no recovery password but I have the PIN

Posted on 2016-08-30
Last Modified: 2016-08-31
I have been asked to look at a laptop that uses BitLocker TPM encryption. It has orange lines down the screen on boot. I have worked out this is due to a Windows update, and the user can get to Windows by typing in their PIN and pressing Enter. Unfortunately, though, the user has pressed too many incorrect keys and I am certain that it needs the recovery password, which has been misplaced and isn't in AD :(

I can go to advanced options and access command prompt etc. and thought I could use manage-bde -unlock as I still know the PIN, but alas it doesn't work. I assume this is due to it being a PIN, not a password?

Does anyone know of a way to stop the laptop asking for the recovery key and let me put the PIN back in instead? I thought of maybe removing the CMOS, or a command I can use to bypass having to enter the recovery key by using the PIN.

Thanks and the laptop is running Windows 10 x64, only one partition/drive
Question by:ICTIC
2 Comments
 

Accepted Solution

by:
btan earned 500 total points
ID: 41777895
If the TPM is currently locked out when using BitLocker, there will be an opportunity during the boot process to either open the BitLocker recovery console or wait to reenter the PIN. Otherwise, resetting the lockout count will require the TPM owner password. See "When should I reset the TPM lockout?":

"The most likely scenario is that during the boot process users will notice slow response times when using a key protector—which consists of the TPM and a PIN—and entering the incorrect PIN. The system may appear to freeze for a period of time before informing the user that the incorrect PIN was entered and that the TPM is locked out. When the TPM is locked out, it is also possible that the user will enter the correct PIN, but the TPM will respond as if the incorrect PIN was entered for a period of time. ... Because a TPM may indefinitely store all incorrect authorization attempts sent to it, users may want to proactively reset the TPM lockout if they often mistype authorization values such as the BitLocker PIN."
https://technet.microsoft.com/en-us/library/dd851452(v=ws.11).aspx
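
On a machine that is still unlocked and running, the TPM lockout state described in the answer, and whether a recovery password exists and is escrowed, can be checked before a lockout happens. The PowerShell below is an added example, not part of the thread. It assumes an elevated prompt, a domain-joined Windows 10 machine whose policy permits AD DS backup, and C: as the BitLocker volume.

```powershell
# Added example, not from the thread. Run elevated on an unlocked machine.
# Assumption: the BitLocker-protected OS volume is C:.
$mount = 'C:'

# 1. TPM lockout state. Select-Object leaves a field blank if this build's
#    Get-Tpm output does not include it.
$tpm = Get-Tpm
$tpm | Select-Object TpmPresent, TpmReady, LockedOut, LockoutCount, LockoutMax, LockoutHealTime |
    Format-List

if ($tpm.LockedOut) {
    # While locked out, even the correct PIN is rejected until the lockout
    # heals or is reset with the TPM owner authorization value (Unblock-Tpm).
    Write-Warning 'TPM is locked out: PIN unlock will fail; the recovery password is the fallback.'
}

# 2. Key protectors on the volume (Tpm, TpmPin, RecoveryPassword, ...).
$vol = Get-BitLockerVolume -MountPoint $mount
$vol.KeyProtector | Select-Object KeyProtectorType, KeyProtectorId | Format-Table -AutoSize

# 3. Make sure a recovery password protector exists and is backed up to AD DS,
#    so a TPM lockout does not leave the PIN as the only usable protector.
$recovery = @($vol.KeyProtector | Where-Object { $_.KeyProtectorType -eq 'RecoveryPassword' })

if ($recovery.Count -eq 0) {
    Write-Warning "No recovery password protector on $mount."
    Write-Warning "Add one: Add-BitLockerKeyProtector -MountPoint $mount -RecoveryPasswordProtector"
}
else {
    foreach ($kp in $recovery) {
        try {
            Backup-BitLockerKeyProtector -MountPoint $mount `
                -KeyProtectorId $kp.KeyProtectorId -ErrorAction Stop | Out-Null
            Write-Output "Backed up recovery protector $($kp.KeyProtectorId) to AD DS."
        }
        catch {
            # Typical causes: machine not domain-joined, or policy does not allow AD backup.
            Write-Warning "AD DS backup failed for $($kp.KeyProtectorId): $($_.Exception.Message)"
        }
    }
}
```

This runs only in a full Windows session; the recovery environment's command prompt offers manage-bde but not these cmdlets.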

Author Closing Comment

by:ICTIC
ID: 41778761
Found the recovery key in the end but thanks for your help