BitLocker ask Recovery key after BIOS Update & Enable fTPM

[Anime4000]

As per title say...

 

I build a gaming rig for my friend long time ago, story it begin with:
1. Last month I believe, I guide him to enable fTPM in UEFI BIOS since he want his PC ready for Windows 11

2. Yesterday I guide him to update UEFI BIOS

 

When his PC boot, asking for BitLocker Recovery Key...

 

I using Macrium Reflect to restore "sysprep" Windows 10 Image that I make in VM, same Image I use for my self and other my customer.

 

This one of his picture send this, I ask him to proceed as I know I never set BitLocker neither him

 

 

Thing is, suddenly BitLocker was enabled, I believe fTPM cause this.

 

There is way to recover from this?

Also... how to prevent BitLocker Automatically after TPM enable? or simply Disable/Delete BitLocker entirely, just make life easier

[Kilrah]

This just warns that IF you have bitlocker enabled you'll be asked for the recovery key. Did he actually get asked for one afterwards?

[Anime4000]

3 minutes ago, Kilrah said:

This just warns that IF you have bitlocker enabled you'll be asked for the recovery key. Did he actually get asked for one afterwards?

Yes, PC cannot boot, asking for BitLocker Recovery Key like this:

 

I using Macrium Reflect to restore "sysprep" Windows 10 Image that I made in VM, which is I never set BitLocker in first place!

[Kilrah]

Well that simply can't happen if BL wasn't enabled at some point by someone, maybe he did and forgot about it...

Or maybe he has another drive connected to the PC that has BL enabled on it and that's what it's for?

[avg123]

21 minutes ago, Anime4000 said:

 

 

 

Thing is, suddenly BitLocker was enabled, I believe fTPM cause this.

 

There is way to recover from this?

Also... how to prevent BitLocker Automatically after TPM enable? or simply Disable/Delete BitLocker entirely, just make life easier

when did this happen? why does screenshot say 03/04/2021?

[Anime4000]

I checked, BitLocker partition are:
1. PNY XLR8 CS3040 500GB (Boot, Windows, Users)
2. PNY XLR8 CS3040 1TB (Steam)

Other HDD are in normal partition.

 

I don't think he or someone purposely lock his drive

[Anime4000]

3 minutes ago, avg123 said:

when did this happen? why does screenshot say 03/04/2021?

That BIOS date for version 4301, trying to update to version 4402
https://rog.asus.com/my/motherboards/rog-strix/rog-strix-b450-f-gaming-model/helpdesk_bios

[avg123]

3 hours ago, Anime4000 said:

That BIOS date for version 4301, trying to update to version 4402
https://rog.asus.com/my/motherboards/rog-strix/rog-strix-b450-f-gaming-model/helpdesk_bios

When your friend first enabled fTPM, his harddrive was auto encrypted and a bitlocker key was generated which was used to unlock your harddrive. 

 

Now when a firmware is upgraded, this stored key is wiped.

 

Now there is no key to unlock his harddrive. That is why there was a warning to back up the key before firmware upgraded.

 

Nothing can be done now except to wipe the harddrive and re install windows.

[Kilrah]

15 minutes ago, avg123 said:

When your friend first enabled fTPM, his harddrive was auto encrypted and a bitlocker key was generated

Windows does not do this on its own and without warning.

[Anime4000]

1 hour ago, avg123 said:

Now when a firmware is upgraded, this stored key is wiped.

 

Now there is no key to unlock his harddrive. That is why there was a warning to back up the key before firmware upgraded.

 

On that time, I know I did not set BitLocker, especially to Noob Users, so, I proceed it without checking it first.

54 minutes ago, Kilrah said:

Windows does not do this on its own and without warning.

Apparently no warning, I been contacting local Microsoft Regional Office, they said try login into Microsoft Account and get recovery key there.

But I setup my friend PC using Local Account and have been this way since then!