However, Microsoft’s encryption feature has some problems when installing drives from Windows 7 computers to Windows 10.įor example, you have been using BitLocker on a Windows 7 computer and you want to move your old hard drive into a new Windows 10 computer. By default, it uses the AES encryption algorithm in cipher block chaining or XTS mode with a 128-bit or 256-bit key. BitLocker is designed to protect data by providing encryption for entire volumes. If you are facing this problem, then maybe this article will give you the method.īitLocker is an encryption feature built into computers running Windows 10 Pro, if you’re running Windows 10 Home you will not be able to use BitLocker. That set of group policy items lets you change some bitlocker administrative items.Many users have been complaining about a problem regarding BitLocker encryption on Windows 10 computer, mostly, an incompatibility between a drive encrypted on Windows 7 and then used in a Windows 10 machine. (I might have more detail if you need it).
Now, for you, the option to change how bitlocker unlocks, has to be done, i think, from the GPEDIT.MSC command. YOU indicated that to clear your TPM you first DISABLED bitlocker, then cleared the TPM.Ĭould you clarify how you did this? from what I read, i was to first DECRYPT the bitlocked drive, then clear the TPM, but I' more wiling to chance it if i can just temporarily DISABLE bitlocker, before clearing the TPM.īUT, my concern is, how does the bitlocker PIN and RECOVERY key respond, AFTER clearing hte TPM does it just get re-enabled? some forums have indicated to clear out the tpm, but that can screw up bitlocker. Somehow my TPM is requiring my recovery key, after even one bad attempt at the PIN.
(I have a similar issue, full question posted in separate section), related to the Bitlocker, and the TPM. Has anyone out there had any luck with the above? In addition, I tried enabling the hidden "administrator" account which apparently has elevated privileges, but no difference.įinally, I understand that there are ways to get rid of that message via Group Policy changes, but I haven't nutted that one out yet either. " For your security, some settings are managed by your system administrator." even though the local users on these laptops are administrators. However, there is an info box near the top of the BitLocker Drive Encryption window that reads: That setting was "Change how drive is unlocked at startup", but I only have "Suspend Protection", "Back up your recovery key" and "Turn off BitLocker". HP Support did ask if I could change a setting under Control Panel -> Manage BitLocker that I can't see on either laptop. It must be something under the hood on these EliteBooks that BitLocker isn't happy with. I have been on the phone to both HP and Microsoft Support but had no luck there either. ~ Configure Legacy Support and Secure Boot, "Legacy Support Disable and Secure Boot Enable" is selected. Under BIOS -> Advanced -> Secure Boot Configuration: ~ On one of the laptops I unchecked "USB Storage Boot" as this laptop appears to have USB-Type C port, but that made no difference. ~ Legacy Boot Order is checked (But greyed out) ~ UEFI Boot Order is checked (But greyed out) Both laptops exhibit the same behaviour, and seem to pick and choose at random when they prompt for the BitLocker Recovery Key whether reboot, cold boot, on battery or power adapter.
I tried various combinations of turning off BitLocker, clearing TPM under Windows and BIOS, re-enabling BitLocker, factory reset plus all Windows Updates, HP Updates including BIOS, software installs etc before enabling BitLocker. In my case it's 2x new HP EliteBook 820 G4s (256GB M.2 SSDs with HP Recovery partition) that have the issue.
I've been trying to nut this out for several hours now, and am not sure that I'm any closer to resolving.