Bitlocker - with TPM - still requiring USB

lipton · 12 May 2011

My situation is as follows. I use bitlocker, TPM is enabled, and ownership taken.
I had to move my hard drive (SDD) to a new PC, same model. Now, every boot, i need to insert a usb key with the bitlocker key/certificate.
TPM on the new system is enabled, and ownership taken, though i did that after booting up the first time.
How do i get back to the situation where my system boots without need for usb key, using my windows logon as the bitlocker password?
Thanks,
Joey

Dwarf · 12 May 2011

Hi Joey and welcome to Windows 7 Forums

As you know, BitLocker is an encryption method used to protect the contents of your HDD/SDD from unauthorised access. This can be done on a hardware level (TPM - Trusted Platform Module) and software (requiring a USB key/certificate). The USB key is used to gain access when, for some reason, the TPM supplies the wrong information. Normally, this isn't a problem, but you've stated that you have moved your drive to another machine. Even if this new machine is identical in every single way (even consecutive boards coming off the production line), the TPM data will be incorrect and thus you will need the USB key (which you should create and keep in a safe place should you need it) to unlock your system.

You need to decrypt your drive and then reencrypt it to use the TPM chip in your new system. See the following Tutorial:

BitLocker Drive Encryption - Windows 7 Drive - Turn On or Off with no TPM Follow the instructions in OPTION TWO

After it has been decrypted, you should be able to rencrypt, this time the TPM data will be valid and you will no longer need the USB key to startup (although you should take the opportunity to create one - your old one won't work, as it is tied to the TPM in the old system).

Note

Disclaimer: Neither I (Dwarf) nor Seven Forums shall be liable for loss of information stored on your drive should the above instructions fail. You undertake the above at your own risk. Should you deem this too risky, I suggest that you continue using the USB key.

lipton · 13 May 2011

Thanks. This is a very helpful explanation and I am pretty sure I can handle the required steps. One question - once i decrypt the drive, would it be advisable to refresh the TPM and re-aquire ownership before I activiate the drive encryption process?

Joey