Solved

Bitlocker no recovery password but I have the PIN

Posted on 2016-08-30
2
66 Views
Last Modified: 2016-08-31
I have been asked to look at a laptop that uses Bit locker TPM encryption it has orange lines down the screen on boot, now I have worked out this is due to a windows update and the user can get to Windows by typing in their PIN and pressing enter. Unfortunately though the user has pressed to many incorrect keys and I am certain that it needs the recovery password which has been misplaced and isn't in AD :(

I can go to advanced options and access command prompt etc and thought I could use manage-bde -unlock as I still know the PIN but alas it doesn't work I assume to it being a PIN not a password?

Does anyone know of a way to stop the laptop asking for the recovery key and let me put in the PIN back in instead. I thought of maybe removing the CMOS or a command I can use to bypass having to enter the recovery key by using the PIN?

Thanks and the laptop is running Windows 10 x64, only one partition/drive
0
Comment
Question by:ICTIC
2 Comments
 
LVL 62

Accepted Solution

by:
btan earned 500 total points
ID: 41777895
If the TPM is currently locked out when using BitLocker, there will be an opportunity during the boot process to either open the BitLocker recovery console or wait to reenter the PIN. Otherwise, to rest the lockout count will require the TPM owner password. See
When should I reset the TPM lockout?

The most likely scenario is that during the boot process users will notice slow response times when using a key protector—which consists of the TPM and a PIN—and entering the incorrect PIN. The system may appear to freeze for a period of time before informing the user that the incorrect PIN was entered and that the TPM is locked out. When the TPM is locked out, it is also possible that the user will enter the correct PIN, but the TPM will respond as if the incorrect PIN was entered for a period of time....Because a TPM may indefinitely store all incorrect authorization attempts sent to it, users may want to proactively reset the TPM lockout if they often mistype authorization values such as the BitLocker PIN.
https://technet.microsoft.com/en-us/library/dd851452(v=ws.11).aspx
0
 

Author Closing Comment

by:ICTIC
ID: 41778761
Found the recovery key in the end but thanks for your help
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

A few customers have recently asked my thoughts on Password Managers.  As Security is a big part of our industry I was initially very hesitant and sceptical about giving a program all of my secret passwords.  But as I was getting asked about them mo…
Explore the encryption capabilities built into Google Apps and how these features can help you meet privacy policy and regulatory compliance, but are not a full solution. Understand and compare the most popular email encryption services for Google A…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now