Some article numbers may have changed. If this isn't what you're looking for, try searching all articles. Search articles

Article Number: 000128275

BitLocker Asks for a Recovery Key Every Boot on USB-C/Thunderbolt Computers When Docked or Undocked

Summary: See less This article explains what to do if Windows BitLocker asks for a recovery key upon booting up your USB type-C or Thunderbolt 3 computer while using a docking station.

Article Content
Article Properties
Rate This Article

This article may have been automatically translated. If you have any feedback regarding its quality, please let us know using the form at the bottom of this page.

Article Content

Symptoms

BitLocker prompts to enter the recovery key when booting up a computer using a USB type-C or Thunderbolt 3 docking station.

This article is intended for the following models:

Latitude 5280
Latitude 5480
Latitude 5580
Latitude 7280
Latitude 7380
Latitude 7480
Precision 3520

Note: Other Dell computers may have the same behavior, the following fix is intended for the models that are listed above.

Cause

No cause information.

Resolution

BitLocker Asks for a Recovery Key at Boot
How to Set the BIOS to Prevent BitLocker Recovery Key Prompts

BitLocker Asks for a Recovery Key at Boot

Note: Update your computer's BIOS before proceeding, as some BIOS updates have implemented a fix for this issue. You can check for the updated version on the Dell Drivers & Downloads site.

BitLocker is an encryption function of the Windows Operating System 9OS). You may encounter an issue where BitLocker asks for a recovery key every time you boot up your computer. This issue has been found to occur on computers with USB Type-C and Thunderbolt 3 (TBT) ports.

BitLocker monitors the computer for changes to the boot configuration. When BitLocker sees a new device in the boot list or an attached external storage device, it prompts you for the key for security reasons. This is normal behavior.

This problem occurs because boot support for USB-C/TBT and Preboot for TBT are set to On by default. Turning these options off in the BIOS removes any USB-C/TBT devices from the boot list, and BitLocker does not see them.

The only negative effect of this configuration change is that you cannot perform a PXE boot from a USB-C/TBT dongle or docking station.

How to Set the BIOS to Prevent BitLocker Recovery Key Prompts

To resolve the issue, follow the steps below:

Enter the BIOS (pressF2 or F12 at the boot screen.)
Go to System Configuration, then USB Configuration, and make the following changes:
Note: Depending on the computer type, these options may be in other locations.
1. Disable USB Type-C or Thunderbolt 3 Boot support.
2. Disable USB Type-C or Thunderbolt 3 (and PCIe behind TBT) Pre-boot.
3. Disable UEFI Network Stack.
4. Set: POST Behavior -> Fastboot -> Thorough

Once these changes are made, the computer should not prompt for the BitLocker key on every boot.

Note: There are other reasons for recovery key prompts that this procedure may not resolve.

This solution should work in UEFI mode. For computers using legacy mode, see the article: BitLocker fails to turn on or prompts for the Recovery Key rebooting with Windows 10, UEFI, and the TPM 1.2 Firmware

Additional Information

For further support and guidance, view our instructional video: "Resolve BitLocker Recovery Key Prompts"

Article Properties

Affected Product

Dell Dock WD15, Dell Thunderbolt Dock TB16, Dell Precision Dual USB-C Thunderbolt Dock - TB18DC, Latitude 5280/5288, Latitude 7280, Latitude 7380, Latitude 5480/5488, Latitude 7480, Latitude 5580, Precision 3520

Last Published Date

14 Sep 2022

Version

Article Type

Solution

Thank you for your feedback.

Sorry, our feedback system is currently down. Please try again later.

Comments cannot contain these special characters: <>()\