The BitLocker logo of a hard drive, keys, and a lock

Windows update may present users with a BitLocker recovery screen

Some Windows users may see a BitLocker Recovery screen after applying the Microsoft patch Tuesday updates. BitLocker is a Windows security feature that encrypts entire drives. It prevents someone that has obtained a stolen or lost device from reading the files stored on that drive.

Unfortunately, though, Microsoft launched an update this month that has caused problems for some Windows systems. Without telling the public what, exactly, has gone wrong, Microsoft provided some details about what might happen on the Windows release health dashboard.

Affected systems are running Windows 10 and 11 or one of the server versions (Windows Server 2022, Windows Server 2019, Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2, Windows Server 2008.). And the affected systems are very likely to have Device Encryption enabled.

You can find out if you have Device Encryption enabled by looking at:

  • Settings
  • Privacy & Security
  • Device encryption

If Device encryption doesn’t appear under Privacy & Security, it isn’t available for your system.

Under normal circumstances you wouldn’t see the BitLocker Recovery screen unless you enter the wrong PIN too many times or when you’ve made some hardware or firmware changes.

If you are affected by this faulty update, you will be presented with a screen similar to this one when you boot the system.

BitLocker recovery screen
BitLocker recovery screen

On the screen, you’re asked to Enter the recovery key for this drive. Windows will also show a recovery ID to identify your key. Keep it handy since you may need this to find the recovery key.

How to get the recovery key

On another device, you can log in at  https://aka.ms/myrecoverykey with your Microsoft account ID that you use on the currently affected system. Once logged in, you’ll see a list of the devices registered to that ID showing:

  • The Device name
  • The Key ID
  • The Recovery Key
  • Which drive type (OSV drive is a Primary drive containing the Operating System. FDV drive is a Secondary drive)
  • Key upload date

Find the Recovery key you need by looking for the Key ID that matches the Recovery key ID shown in the BitLocker Recovery screen and enter the Recovery Key listed behind that Key ID in the BitLocker Recovery screen.

Once you’ve entered the correct Recovery Key, your system should boot to the normal login screen.


We don’t just report on threats—we remove them

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.

ABOUT THE AUTHOR

Pieter Arntz

Malware Intelligence Researcher

Was a Microsoft MVP in consumer security for 12 years running. Can speak four languages. Smells of rich mahogany and leather-bound books.