Windows 10: Bitlocker automatically activated on private windows computers

Discus and support Bitlocker automatically activated on private windows computers in Windows 10 Software and Apps to solve the problem; Hi, We have received inquiries from users that their private computer is asking for a Bitlocker key. Looks like that the users had downloaded the... Discussion in 'Windows 10 Software and Apps' started by Sukhman Singh Nijjar, Sep 23, 2022.

  1. Bitlocker automatically activated on private windows computers


    Hi, We have received inquiries from users that their private computer is asking for a Bitlocker key. Looks like that the users had downloaded the Office 365 apps on their private computer and logged in with their Microsoft 365 work and school account to activate the Office 365 apps. After that, the computers were automatically Azure AD registered, which led to Bitlocker being automatically activated on their private computer - and the Bitlocker key "secretly" got stored in Azure AD without the users knowing. Is there any solution for a Global Admin in Microsoft 365 to prevent private compu

    :)
     
    Sukhman Singh Nijjar, Sep 23, 2022
    #1
  2. Viruzz Win User

    HELP: Automatic BitLocker Unlock.

    Please help,
    Looking for a way( script or maybe some unknown windows command or registry hack) to automatically unlock a non OS BitLocker encrypted drive on Log-In.

    My situation: Right now my OS SSD Samsung 840 Evo has a boot password, its not Bios option nor windows eDrive but the third one, the one you need 3rd party software to activate it, had to purchase EMBASSY Security Center to do it.
    No issues here, the OS drive is locked and encrypted.

    One of My HDD Drives is encrypted with Bitlocker, so every time my PC is booted, I need to enter windows log-in password and then open my computer and enter another password to unlock the drive.
    Whats worse is that unlike the SSD that needs unlock password only after full shutdown the Bitlocker needs it every log-in.

    Windows has an option to Automaticlly unlock all BitLocker drives on boot, BUT the issue here is that this official option only works if your OS drive is also BitLocker encrypted and then log-in password unlocks everything.

    Im looking for maybe a windows Script or some Hidden command to automatically unlock the BitLocker drive.

    Even if it Sounds insecure like having the actual password somewhere in the registry, text file or script I dont care because the OS drive is encrypted and passworded.
    Also I have a TPM chip I can encrypt any file/folder so even if file is copied from my PC when its fully unlocked the files wont be readable anywhere unless unencrypted before.

    If its important im on 8.1 pro 64bit

    P.S. If there is no solution for my problem then my only choice is when windows 10 comes out to do a clean install on another Samsung 840 Evo that was previously cleared and eDrive option enabled


    Thanks in advance.
     
    Viruzz, Sep 23, 2022
    #2
  3. Viruzz Win User
    HELP: Automatic BitLocker Unlock.

    Thank you sir, ill try your solution.

    Windows Auto unlock ONLY works in case you have Bitlocker on your system drive, because if your system drive is not encrypted auto unlocking other drives means loss of security.
    But in my case my system drive is Encrypted with hardware encryption that i password unlock during boot. So auto unlocking Bitlocker drives will do fine for me.
     
    Viruzz, Sep 23, 2022
    #3
  4. Bitlocker automatically activated on private windows computers

    HELP: Automatic BitLocker Unlock.

    more clear
    0down voteaccepted
    I managed to figure out how to fix this. It doesn't use the native auto-unlock function like I was hoping (rather a script that unlocks using a .BEK file, as I mentioned) but it seems to work just as well.

    First, you need to create a .BEK file that can unlock the disk. This is the command I used:

    manage-bde -protectors -add d: -rk c:\

    Substitute d: with whichever drive you want to auto-unlock. The output will look something like this (take note of the "external key file name"):

    BitLocker Drive Encryption: Configuration Tool version 10.0.10011
    Copyright (C) 2013 Microsoft Corporation. All rights reserved.

    Key Protectors Added:

    Saved to directory c:\

    External Key:
    ID: {9DDF4900-5E08-479A-8C4C-6ADE2DA00551}
    External Key File Name:
    9DDF4900-5E08-479A-8C4C-6ADE2DA00551.BEK

    Now you need to create the script to unlock the drive. Just create a batch file in the root directory with the following line:

    manage-bde -unlock d: -rk C:\[external key filename]

    Again, replace d: with the correct drive letter. Replace [external key filename] with the filename you got before.

    Finally, you need to tell Windows to run this script at startup, before you log in. (Or at least I needed it to run then, because that's where my desktop, etc. are stored.) Here's how you do that:

    • Press Win+R and enter gpedit.msc. (This is only in Pro, but so is BitLocker, so that's not an issue here.)

    • On the left, navigate to Computer Configuration > Windows Settings > Scripts (Startup/Shutdown)

    • Double-click "Startup" on the right

    • Click "Add..." and select the batch file you created before.

    • Click OK and exit Group Policy Editor.
    Now you can reboot the computer to test it. You should see your drive automatically unlocked
     
    Rafa anabe, Sep 23, 2022
    #4
Thema:

Bitlocker automatically activated on private windows computers

Loading...
  1. Bitlocker automatically activated on private windows computers - Similar Threads - Bitlocker automatically activated

  2. Bitlocker automatically activated on private windows computers

    in Windows 10 Gaming
    Bitlocker automatically activated on private windows computers: Hi, We have received inquiries from users that their private computer is asking for a Bitlocker key. Looks like that the users had downloaded the Office 365 apps on their private computer and logged in with their Microsoft 365 work and school account to activate the Office...
  3. Bitlocker automatically activated on private windows computers

    in AntiVirus, Firewalls and System Security
    Bitlocker automatically activated on private windows computers: Hi, We have received inquiries from users that their private computer is asking for a Bitlocker key. Looks like that the users had downloaded the Office 365 apps on their private computer and logged in with their Microsoft 365 work and school account to activate the Office...
  4. Bitlocker automatically activated....

    in Windows 10 Installation and Upgrade
    Bitlocker automatically activated....: Today I turned on my computer to a blue screen asking for my bitlocker recovery key... this is the first I have ever heard of bitlocker. I accessed my microsoft account with a recovery key not saved there and I was without memory of ever activating the bitlocker. It is a...
  5. Bitlocker automatically activated

    in AntiVirus, Firewalls and System Security
    Bitlocker automatically activated: Dears Now I have an issue with my laptop yesterday it was working fine today asking for a Bitlocker key checked in my email and Microsoft account nothing how I can open my windows now I have important doc, please help me without losing data...
  6. Windows automatic repair and bitlocker

    in Windows 10 BSOD Crashes and Debugging
    Windows automatic repair and bitlocker: I have blocker on my computer. When i updated the compete and restarted it today, it went into repair after the restart. It asks for the bitlocker password, which is fine. After passing the normal bitlocker page, it asks for the recovery key. It was 6 years ago that i set it...
  7. Bitlocker being automatically activated for learning purpose

    in AntiVirus, Firewalls and System Security
    Bitlocker being automatically activated for learning purpose: I have seen many cases of bit locker being automatically activated and the user has no knowledge that it has been activated until it asks for the bit locker key , may i know how the BitLocker gets automatically activated without users consent ? and please let me know all...
  8. Need to reset computer that has bitlocker activated

    in Windows 10 Support
    Need to reset computer that has bitlocker activated: We have a computer with Bitlocker (TPM) on it and I use Sophos to track the recovery key. Each time you use the recovery key it resets the key and tells Sophos the new key. We don't have the windows password to log on so we cannot change the boot pin and I need to do a...
  9. Automatically locking BitLocker volumes

    in AntiVirus, Firewalls and System Security
    Automatically locking BitLocker volumes: Is there an easy way to have certain BitLocker volumes lock automatically after a period of user absence and lack of reading/writing to the volumes? Perhaps a utility that does this? I've been playing with a scheduled task, but so far, it locks the volumes when I don't...
  10. Multiple Active Private Networks

    in Windows 10 Network and Sharing
    Multiple Active Private Networks: First of all I have been having trouble with printing. Usually I have to uninstall my printer and re-install it to print over the network. Today even that didn't work. I discovered my HOME NETWORK was NOW public network AGAIN.... Thanks Windows 10. Anyways, fixed it again...