#Having to type bitlocker recovery key windows 10 pdate password#
In this situation, you need to suspend BitLocker protection by using the Manage-bde command-line tool, delete the password unlock method, and add the smart card method. Policy settings are changed to disallow passwords and require smart cards. This situation could occur, for example, if a removable drive is initially configured to be unlocked with a password and then Group If multiple changes are necessary to bring the drive into compliance, you must suspend BitLocker protection, make the necessary changes, and then resume protection. When a drive is out of compliance with Group Policy settings (for example, if a Group Policy setting was changed after the initial BitLocker deployment in your organization, and then the setting was applied to previously encrypted drives), no change can be made to the BitLocker configuration of that drive except a change that will bring it into compliance. If a computer isn't compliant with existing Group Policy settings, BitLocker may not be turned on or modified until the computer is in a compliant state. Most of the BitLocker Group Policy settings are applied when BitLocker is initially turned on for a drive.
For details about those settings, see Trusted Platform Module Group Policy settings.īitLocker Group Policy settings can be accessed using the Local Group Policy Editor and the Group Policy Management Console (GPMC) under Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption. A separate set of Group Policy settings supports the use of the Trusted Platform Module (TPM).