Peter Wilson

How to undo a permission setting in the Registry

Hi all!

I have Windows 10 Pro with BitLocker +PIN enabled in a workgroup.

I denied SYSTEM & Administrators Full Control permissions from the HKLM\SYSTEM\CurrentControlSet\Control\Lsa key. Does that interfere with or affect SecureBoot and/or BitLocker +PIN in any way? Because I can't access the drive since I denied it write abilities. The BitLocker PIN prompt pulls up on boot; once I type it in, it goes into BIOS, where it loops back to the BitLocker PIN prompt.

I didn't create a backup of the registry of course. 

Is there a way of getting those permissions back (I'd assume not because there is no higher elevated account to grant access from)?

Thanks!
kevinhsieh

You should be able to mount the drive on another system and unlock the volume with the BitLocker recovery key. You can then offline mount the registry and make permission changes to it.
I have been working with the registry for 26 years. Making permission changes to the registry is very rarely done in my experience.
Peter Wilson

ASKER

Thank you for your response. The TPM chip is on this MB so I thought I would not be able to use the drive with any other system...I thought that was, in part, the idea of TPM?

I don't have another system except another laptop...not sure how to do this other than that. Is there another way to do this without having to pull the SSD out of the system?
Use the BitLocker recovery password to boot the system and reset those permissions. No need for anything else.

I see no relationship of the registry permissions and the PIN not being accepted by now, but you will be able to tell pretty soon.
The point of the TPM is to allow you to access the drive from your trusted OS without needing to enter any decryption secrets.

The point of the recovery key is to allow you to decrypt the drive when it isn't booting from the device with the TPM.
I denied SYSTEM & Administrators Full Control permissions from the HKLM\SYSTEM\CurrentControlSet\Control\Lsa key.

Why would you do such a thing?
Hi All, I put the Recovery Password in successfully but then got these errors...
User generated image
When I tried again...
User generated image
I verified the Boot Sequence has both entries: Windows Boot Manager & SSD.
boot into recovery tools
find out which drive is your OS Drive
run the command
bcdboot x:\windows  (replace x: with the drive the OS resides on) 
Are the recovery tools the same as the Recovery Environment in the screenshot above?

Also, to answer your question I removed those permissions from the LSA key for security reasons...see this article:
https://www.experts-exchange.com/articles/24599/Free-yourself-of-your-administrative-account.html

I will reverse this permission with a restore point and choose the "monitor" this key option if I can get back in!
yes they are the same
Once I enter the Recovery Key and then hit F1 for the Recovery Environment, the BIOS screen comes up and then I get the second image I sent above stating that the:

PC/Device needs to be repaired.
The Boot Configuration Data file doesn't contain valid information for an operating system.
File: \BCD
Error code: 0xc0000098

In the BIOS I can get into it and also F12 (Boot Options which includes Device Config, & Diagnostics) but I believe the diag is HW only.
try booting from a Windows installation media
Ok, I'm in the first screen of Windows Setup asking about language preferences, etc.

I assume you want Repair your computer > Troubleshooting > Advanced Options > Command Prompt?

It asked for the BitLocker Recovery Key in order to proceed and it worked.

At cmd it is set to X:\Sources>...and when I try to CD to C: it just returns C:\ and then has the X:\Sources> entry line again. Is that normal?
you went too far .. on the first screen you should see install and recovery options
I edited my comment...see above. sorry.
Ok, I entered your code and it returned Boot files successfully created.
no it will be another drive that has a windows folder

I'll reproduce this now in a VM and at the same time list how to undo it offline.
OK, thanks McKnife!
when you reboot what do you get?
ASKER CERTIFIED SOLUTION
McKnife

This solution is only available to members.
Hi David - I rebooted and the same error messages occurred.

Hi McKnife - I understand. In theory, I thought it was a good idea too! I noticed in the LSA key there was a value for "SecureBoot" so that is what made me think somehow that either SYSTEM or Admins group required access to modify other values in that key aside from "LimitBlankPasswordUse". Thanks for helping me out with this. I'm following your instructions now.
McKnife - that was NEXT LEVEL...it worked! You are awesome! Thank you soo much.
Getting a thank you for a mess that I caused myself... :-|
Good that you got out of it. I requested to have that advice deleted within the article