1

I use my external SSD to boot Windows via a USB-C port. However, I have to enter the BitLocker key each time I restart my machine even without unplugging the USB port. How to fix this?

Real Dreams
  • 4,988
  • What protectors are enabled for the disk in manage-bde -protectors -get C:? – u1686_grawity Jun 15 '23 at 04:44
  • @user1686 numerical password and TPM. – Real Dreams Jun 15 '23 at 07:15
  • @user1686 also trying manage-bde -autounlock -enable c: I got ERROR: Automatic unlocking cannot be used on the OS volume. message. – Real Dreams Jun 15 '23 at 07:21
  • “How to fix this?” - You can’t because you’re running up against a security feature of BitLocker. – Ramhound Jun 15 '23 at 12:22
  • @Ramhound the same drive works without BitLocker prompt when is connected to another Laptop – Real Dreams Jun 16 '23 at 06:01
  • 1
    When you use the TPM protector, you bind it to the TPM chip of a certain laptop. On that laptop, it will boot, on others, it will need the recovery key. That's expected behavior. You would need to use a password protector instead of the TPM protector if you want portability and comfort. – Bernd Schwanenmeister Jun 16 '23 at 09:54
  • 1
    You can’t store the same key to BitLocker on two TPMs. Every time BitLocker detects a system configuration change it will prompt you for the Recovery key. There is a reason Microsoft discontinued support for Windows2Go which unlikely every supported BitLocker. – Ramhound Jun 16 '23 at 15:12
  • @BerndSchwanenmeister how can i make the new laptop the primary one, I don't use the old one much. – Real Dreams Jun 17 '23 at 01:42
  • As said: use a password protector instead of the tpm protector. There's no primary/secondary setting needed. On an elevated command line: manage-bde -protectors c: -delete -type tpm, then next line: manage-bde -protectors -add c: -pw – Bernd Schwanenmeister Jun 19 '23 at 08:55

0 Answers0