Highlighted
2 Bronze

Vostro 7500 - Why the Encryption Notice?

Jump to solution

I just got a new Vostro 7500 and when I start it I get the message to backup my encryption keys. I have not turned on Bitlocker so I'm confused as to why I am getting this message. Does anyone know why I would be getting this message?

0 Kudos
1 Solution

Accepted Solutions
Highlighted
6 Indium

Re: Vostro 7500 - Why the Encryption Notice?

Jump to solution

@Nat4me  Did you link your Windows logon to your Microsoft account?  If so, then BitLocker likely was in fact enabled.  Dell systems for a few years now have been shipped with BitLocker "pre-staged", meaning all of the data is encrypted but the key is available on the drive, so it still behaves like an unencrypted drive.  If you choose to link your Windows account to your Microsoft account, then your Recovery Key gets backed up to your Microsoft account in the cloud, and BitLocker is fully enabled.  The problem with this solution is that it seems that sometimes the Recovery Key doesn't get backed up, and consequently if users ever do something that causes their system to prompt for a Recovery Key (a BIOS update on certain systems, or a motherboard replacement that would therefore mean you have a new TPM), then users can't decrypt their drive and their data is effectively lost.

If you want to see whether you have BitLocker enabled, open an elevated Command Prompt window and enter "manage-bde -status".

So if you're getting a prompt to back up your BitLocker Recovery Key, that may well be why -- and you should definitely back it up somewhere that you'd be able to access even if your system wasn't running.  But if it's some other prompt to back up your "encryption keys", I don't know what that is.  Maybe post a screenshot?

View solution in original post

0 Kudos
1 Reply
Highlighted
6 Indium

Re: Vostro 7500 - Why the Encryption Notice?

Jump to solution

@Nat4me  Did you link your Windows logon to your Microsoft account?  If so, then BitLocker likely was in fact enabled.  Dell systems for a few years now have been shipped with BitLocker "pre-staged", meaning all of the data is encrypted but the key is available on the drive, so it still behaves like an unencrypted drive.  If you choose to link your Windows account to your Microsoft account, then your Recovery Key gets backed up to your Microsoft account in the cloud, and BitLocker is fully enabled.  The problem with this solution is that it seems that sometimes the Recovery Key doesn't get backed up, and consequently if users ever do something that causes their system to prompt for a Recovery Key (a BIOS update on certain systems, or a motherboard replacement that would therefore mean you have a new TPM), then users can't decrypt their drive and their data is effectively lost.

If you want to see whether you have BitLocker enabled, open an elevated Command Prompt window and enter "manage-bde -status".

So if you're getting a prompt to back up your BitLocker Recovery Key, that may well be why -- and you should definitely back it up somewhere that you'd be able to access even if your system wasn't running.  But if it's some other prompt to back up your "encryption keys", I don't know what that is.  Maybe post a screenshot?

View solution in original post

0 Kudos