Windows 10 does not recognize hardware encrypted bitlocker volume
The solution I found for this problem was to remove the Intel Rapid Storage technology software from your Dell computer.
Reboot, and all will be well.
You might need to reboot twice before the correct Bitlocker settings will appear in Windows 10.
Related videos on Youtube
b0nzo
Updated on September 18, 2022Comments
-
b0nzo over 1 year
I use Windows 10 Pro/Education on a self encrypting Samsung SSD Drive (Evo 850) and configured/installed it by following this guide [1]. I configured bitlocker to ask for a PIN before booting Windows and the lock symbol in the explorer as well as
manage-bde -status
command showed that bitlocker successfully encrypted system drive C: and really used hardware encryption of the Samsung drive.Everything seemed to work fine, but after I updated most of the drivers for my Dell Inspron 15 7559 to the newest version [2] bitlocker first asked to enter the recovey key because configuration has changed and then the bitlocker symbol in Windows explorer was gone. After the boot Windows told me that the drive is not encrypted, if I tried to encrypt the drive only software encryption was offered.
However Windows stills aks me for the pin at bootup and the drive is not accessible through a live system, so it seems that the drive is still fully encrypted. If I start a command line before boot up (recovery options)
manage-bde -status
command still shows that the partition is hardware encrypted and managed by bitlocker. But after booting Windows fails to recognize the encryption, so I can't access the configuration for this encrypted drive for example to change the password or disable bitlocker.Has anyone an idea how to make Windows recognize the encryption after bootup again?
Output of
manage-bde -status C:
after start-up in Windows installation:Volume C: [Windows] [OS Volume]
Size: 209.04 GB BitLocker Version: None Conversion Status: Fully Decrypted Percentage Encrypted: 0.0% Encryption Method: None Protection Status: Protection Off Lock Status: Unlocked Identification Field: None Key Protectors: None Found
Output of
manage-bde -status C:
before start-up using bitlocker recovery mode command line*:Volume "C:" [volume is unknown] [Data Volume] Size: Unkwon GB BitLocker Version: 2.0 Conversion Status: Unkown Percentage Encrypted: Unkown % Encryption Method: Hardware Encryption - 1.3.111.2.1619.0.1.2 Protection Status: Unkown Lock Status: Locked Identification Field: Unkown Automatic Unlock: Disabled Key Protectors: Numerical Password TPM and PIN
*Note: Obviously I couldn't copy&paste the second output, I also had to translate it from German, so there might be some minor inaccuracies.
[1] https://helgeklein.com/blog/2015/01/how-to-enable-bitlocker-hardware-encryption-with-ssd/
[2] http://www.dell.com/support/home/us/en/19/product-support/product/inspiron-15-7559-laptop/drivers
-
Xavierjazz about 8 yearsThis is very hard to read. Better formatting is suggested.
-
Ramhound about 8 yearsWhich drivers did you update specifically?
-
b0nzo about 8 years@Xavierjazz I tried to, I hope it's better now, do you have any suggestions to improve formatting?
-
b0nzo about 8 years@Ramhound All drivers that had a release date after the date I bought the notebook. Starting from the first to the last category. I can't tell which driver broke bitlocker, but I assume the chipset drivers could have caused the problem. I knwo about the IRST issue, so I installed the newest version of the IRST driver.
-
-
b0nzo about 8 yearsThanks for your answer! I can access the drive without any problem if I enter the correct PIN or recovery key at start-up. But after the boot bitlocker treats the partition as if there never has been an encryption, but I expect it to show the ecnryption in windows (and offer to configure it). Instead of this it offers me to software encrypt the drive.
-
b0nzo about 8 yearsIt should also be possible to remove the encryption entirely with command line before start-up. But after that it will never be possible again to activate hardware encryption on that drive because it requires a secure erease which can't be done after bitlocker was activated once.
-
A71 about 8 years@b0nzo very interesting case. I did not take into account that it required the secure erase. That means the solution space is limited within the Windows installation. - Not knowing the solution is getting a little frustrating ;) - Could you past/type the output of (both)
manage-bde -status C:
of the drive in your main question above above. So people can quickly see the difference. -
b0nzo about 8 yearsThank you for your answer! It is! Somehow the Windows installation seems to have lost the connection to the bitlocker boot sector/encryption after updating the drivers. I added the requested outputs and as you can see Windows seems to handle Volume C as if never encrypted. Befor boot most of the volume is unkwon but it seems to be hardware encrypted.