I was having some problems with AMD Radeon Adrenalin settings on my Asus TUF Gaming A16 laptop and decided to roll back the GPU drivers. But before doing that, I needed to use Display Driver Uninstaller (DDU) in safe mode to remove the current software. To reboot Windows in safe mode, I always hit Win+R, then type msconfig, select the Boot tab, and then Safe Boot.
BitLocker Mysteriously Appears
As I was about to hit apply, a window popped up telling me that my main drive was BitLocker-encrypted and that I would need to use a recovery key, or words to that effect. I have never used BitLocker, and this was the first time I had come across such a message, so I had to assume that a Windows update had turned on this encryption without asking me. So I decided not to boot into safe mode and simply turn BitLocker off, which is done through Control Panel by typing BitLocker into the Windows Settings page.
As soon as I turned the damn thing off, Windows began decrypting my OS drive without asking, when I didn’t even realise that it had been encrypted in the first place. Anyway, the strange thing is that it didn’t ask for a recovery key, so I let it run, which took over an hour, with no further messages once it had finished. I did expect an apology from Microsoft at the very least, but that would be when pigs fly. In other words, SNAFU.
How Did BitLocker Self-Activate?
There are numerous answers as to how this happens, but no clear answers from Microsoft. From what I can gather, it’s automatic on new Windows 11 installs, but that has not been my experience, having recently clean-reinstalled Windows 11 on my main PC. Others suggest it’s because of changes I made in the UEFI/BIOS or other nonsense, which doesn’t apply to me because I haven’t made any serious security changes to the laptop since buying it last year. Anyway, laptop UEFIs are basic to say the very least.
Where Are My BitLocker Recovery Keys?
You can find them at account.microsoft.com/devices/recoverykey, which is what I did.
I then found that the recovery key had been uploaded on 16th August 2024, which is the date I unboxed the new laptop in the UK and set it up, but I do not recall the drive being encrypted.
In fact, the new laptop had Windows 11 Home installed, which uses a form of BitLocker Lite encryption but uses the same BitLocker recovery keys, if that makes any sense. I later upgraded the laptop to Pro, and even then, I wasn’t aware that the drive was encrypted. Moreover, I distinctly recall that I have used DDU in safe mode on this laptop at least once before and never received the cryptic message, so I’m puzzled as to when it activated itself.
The problem with drives being encrypted without our knowledge is that, without a recovery key, you’re screwed, and it would require a clean Windows install from a prepared pen drive, not to mention the loss of data if not backed up. I’ve now checked all the computers in our household, and none of them have BitLocker turned on, but it is something that I will be keeping an eye on in the future.
—
