I just recently started dealing with this issue and I see a lot of others doing drastic fixes like reimaging the problem PC. There’s a simple fix until Microsoft solves this. Using a recovery drive or my preferred option, Hiren’s BootCD PE ISO. If you followed my creating a multitool USB drive guide you will most likely have this ISO already.
Requirements
- USB drive with Hiren’s BootCD PE installed
If you have a blank USB drive just reflash it with Rufus using the Hiren’s BootCD PE ISO. Once ready, boot into the problem PC and disable Secure Boot. Then reboot into the temporary boot screen and select the USB drive.
Once booted, open Command Prompt and enter the following:
# Check BitLocker status
manage-bde -status
# You'll see output like this for each drive:
# Volume C: [NAME]
# Size:
# BitLocker Version:
# Conversion Status:
# Lock Status:
# Key Protectors:
# You can also check via File Explorer — look for the lock symbol under "This PC"
# Right-click a locked drive to unlock via GUI if preferred
# Unlock the drive using your recovery key
manage-bde -unlock C: -rp "recovery-key-here"
# Turn BitLocker off completely
manage-bde -off C:
That should be it. Turn off the machine then reboot into Windows. Make sure to re-enable Secure Boot.
Backing Up Your Recovery Key
Before turning BitLocker back on, back up your recovery key:
# Check status and get the Key Protector ID
manage-bde -status C:
# Look for the "Key Protectors" section:
# Numerical Password:
# ID: {12345678-1234-1234-1234-123456789012}
# Backup to your Microsoft account (requires internet)
manage-bde -protectors -adbackup C: -id '{your-id-here}'
Turning BitLocker Back On
# Turn on BitLocker
manage-bde -on C:
# Check encryption progress
manage-bde -status C:
You can also re-enable BitLocker through Settings > Privacy & Security > Device Encryption or Control Panel > BitLocker Drive Encryption. You might get an error the first time — try again after a reboot.
Last modified on 2025-10-16