Highlighted
SB22
Bronze

BIOS update without suspending Bitlocker has triggered a recovery and on start up I am prompted for the recovery key

Jump to solution
I know a BIOS update on my Latitude with Windows 8 and Bitlocker activated on the O/S drive triggers Bit locker recovery on startup. I don't have the recovery key and so am stuck. How to recover without the Bit Locker recovery key?
0 Kudos
5 Replies
SB22
Bronze

RE: BIOS update without suspending Bitlocker has triggered a recovery and on start up I am prompted for the recovery key

Jump to solution
The solution I found was to install the previous version of the BIOS, but without being able to boot into Windows, I needed to install the previous version of the BIOS in DOS. Some server products provide a F12 boot up menu option to roll back a BIOS update, but this is not available in my Latitude. I downloaded the correct BIOS version (the additional info section made specific reference to it being installable from Windows or DOS). I prepared a bootable USB key (to a dos prompt) and copied the bios installer executable to the memory stick. Because secure boot (UEFI) is enabled, it is not possible to boot up from USB key, so legacy boot mode needs to be enabled. There were 3 settings that required changing in the BIOS before I was able to boot from the USB key. Once I was able to boot into DOS from the USB key and got to the DOS prompt, I ran the BIOS update exe. The laptop rebooted, installed the previous BIOS version and then rebooted again. I pressed F2 to get into the BIOS and changed back the settings as they were (secure boot UEFI). I then managed to boot into windows without being prompted for the Bit locker recovery key. You able to export or view the Bitlocker recovery key by going to Control Panel -> Security -> Bit locker Management, and temporarily suspend protection (until the next reboot). It is possible to run a commandlet to specify the number of reboots bit locker should be suspended for. You may find that installing the previous version of the BIOS does not work. I am not sure which BIOS version values are help by Bit locker to trigger a change, but in my case I can only assume the previous version was identical. Hope this helps.
cjsmile
Copper

RE: BIOS update without suspending Bitlocker has triggered a recovery and on start up I am prompted for the recovery key

Jump to solution

Thank you for posting this! I ran into this exact issue and was able to fix it following your directions. Thank you!

0 Kudos
burjoes1
Copper

RE: BIOS update without suspending Bitlocker has triggered a recovery and on start up I am prompted for the recovery key

Jump to solution

I am having this problem. My company installed bit locker and when i customized my password, i can't remember what i did with the recovery key.

I thought it said i had A09 when I updated to A14, but there is no A09 on support.dell.com. I tried 08, 10, 12, and 13 with no luck.

Any other suggestions? 

0 Kudos
ramamd
Copper

RE: BIOS update without suspending Bitlocker has triggered a recovery and on start up I am prompted for the recovery key

Jump to solution

Thank you it worked

0 Kudos
jphughan
Diamond

RE: BIOS update without suspending Bitlocker has triggered a recovery and on start up I am prompted for the recovery key

Jump to solution

I realize this thread is over 2 years old, but since someone else just resurrected it, you really, REALLY need to keep your Recovery Key, because not all circumstances that trigger a Recovery Key can be undone like this.  For example, TPM failure or motherboard failure/replacement would require a Recovery Key with no other recourse.  The same goes for non-OS volumes protected with BitLocker if you forget their passwords; by default, the Recovery Key is the only remaining access mechanism.

For personal systems, you may have also have originally stored it in your Microsoft account, and corporate systems joined to Active Directory domains can store their Recovery Keys within Active Directory if that feature was enabled.  And if you realize you don't have it but your system is still currently working, then as long as you have admin privileges on your system, you can back up your Recovery Key at any time by going to Control Panel > BitLocker.  I store my personal system's Recovery Key in my LastPass password manager, but for people who don't want to use something like that and don't trust themselves to store physical documents somewhere safely (and remember where they are later), you should at least email it to yourself or store it somewhere like Dropbox, Google Drive, etc. -- ideally somewhere you can easily access from a smartphone or other PC.