Microsoft re enables bitlocker, locked my computer and deleted the windows hello pin after installing 23H2.

ThrashZone · Dec 4, 2023

Hi,
Yeah can't let your guard down for even a second
Funny I don't even have win-10 drivers form my new lappy.
Have to contact acer and ask why. and why tpm access is locked to.

But installing green 23h2 what were you thinking :confused:

Jacky_BEL · Dec 4, 2023

This is why microsoft uses linux itself. :roll:

W1zzard · Dec 5, 2023

ThrashZone said:
Hi,
Yeah I'm not seeing anything about disabling bitlocker here ? @W1zzard

Windows 11 Tweaks for GPU Benchmark

Updated for 24H2 Install without Internet When it prompts you to go online, press Shift+F10 and type "OOBE\BYPASSNRO" (that's an o not a zero at the end). After the automatic reboot you can install without network Install on systems without TPM, UEFI or other requirements...

www.techpowerup.com

Only this bit not sure it's the same or not ?

Code:

rem Disable automatic TCG/Opal disk locking on supported SSD drives with PSID reg add HKLM\Software\Policies\Microsoft\Windows\EnhancedStorageDevices /v TCGSecurityActivationDisabled /t REG_DWORD /d 1 /f

Did run across this but back in April

How to prevent automatic drive encryption in Windows 11?

Not sure, if it is possible in OOBE, but disabling/removing bitlocker/EFS services should prevent it 100%. I do this post-setup: Disable decryption and decrypt, in case the disk is already encrypted. reg add "HKLM\System\CurrentControlSet\Control\BitLocker" /v "PreventDeviceEncryption" /t...

www.elevenforum.com

Any idea what qualifies a machine for automatic Bitlocker encryption? Never ran into it and I do a lot of fresh installs

Ferrum Master · Dec 5, 2023

W1zzard said:
Any idea what qualifies a machine for automatic Bitlocker encryption? Never ran into it and I do a lot of fresh installs

Usually laptops. Never on a desktop machine.

It happens very very often actually.

GerKNG · Dec 5, 2023

W1zzard said:
Any idea what qualifies a machine for automatic Bitlocker encryption? Never ran into it and I do a lot of fresh installs

it seems to be only on OEM devices and the earliest cases are from 2017.

Windows 10/11 Home Edition and the OEM Bitlocker pitfall

[German]Today a topic that might have put one or the other user in an unpleasant situation. A machine with Windows 10 Home Edition (or Windows 11 Home) suddenly requests a Bitlocker key after an…

borncity.com

TheinsanegamerN · Dec 5, 2023

GerKNG said:
brother bought a new laptop, got his old one and wiped it.
fresh W11 Pro installation, manually disabled bitlocker and checked a couple times that it is actually disabled. (wasn't the first time i found it to be enabled again after a couple weeks)
yesterday it installed 23H2 and it restarted for like 45 minutes... now bitlocker was automatically enabled again and this time it just reset my windows hello credentials and denied access to my own fucking computer.
after finding the uploaded bitlocker key from my PC, the windows pin was reset, i couldn't log in and it required an internet connection, email verification and a new pin just to get back to the desktop.

Yup sounds like MS to me.

GerKNG said:
what is wrong with this company? it's like paying rent for restricted access to my own property.

They are a multi trillion dollar company, they OBVIOUSLY know better then you.

GerKNG said:
and how can i make sure that this shit stays disabled? (happened so far only on OEM devices like HP, Dell and Lenovo Laptops and not desktop DIY PCs.)

Step 1: use linux.
Step 2: if you must use windows, use rufus to make the install, disable the TPM, bitlocker, and online account options. Force your way into having a local admin account.

Vayra86 said:
Do you guys understand what you're saying? And do you understand what I'm saying? Our opinions are not far apart - I just don't subscribe to the idea that in a corporate environment like this, not every move that goes to the public goes unvetted. Everything corporate does is intentional. They know we'll swallow it. They know they can get away with it. They do it.

I work at a company on national scale and even we vet, test and then test again everything. This topic is about the way Windows works wrt to authentication and security. You can be damn sure this is either intentional or such an edge case it was never picked up on.

And its gonna get worse. Just look at windows 12's AI "features" being promoted. A whole new level of surveillance and interconnectivity. MS is also the same company that wants its gamepass service on every device you have, and wants platform bans to travel to everything you own.

MS has always been a dystopian company, with modern tech they can finally fill those boots. And along the way, you normal users are going to get RAILROADED with "bugs". And those who dont upload all their personal info, their ID, their license, bloodwork, and DNA sample to MS are going to find these bugs a lot more often.

ThrashZone · Dec 5, 2023

W1zzard said:
Any idea what qualifies a machine for automatic Bitlocker encryption? Never ran into it and I do a lot of fresh installs

Hi,
No idea
Limited bios access on laptops/ thought most susceptible would be 11 home but seems pro is also being bitlocked to
Here's another on an oem only common part is oem and 23h2 hehe

All partitions are Bitlocker on Win 11 Home SL?

Just made a clean install on a M.2 NVMe on a Samsung Book X30 It says that all data partitions are Bitlocker encrypted. - Its a Win 11 Home SL -Never set any Bitlocker encryption. What´s going on?

www.elevenforum.com

I just got a new acer lappy so this issue is interesting to say the least I'm on 22h2 though 11 pro.

Found this bit on 11 forum not sure you saw this or not so here it is again

ThrashZone said:
Hi,
MS rarely follows GP.

By the way I didn't read any that helped turn bl off just jumps from hardware to software usage of it.

I asked the dude on 11f and said I got E & F to if this would work and he said it should

Code:

reg add "HKLM\System\CurrentControlSet\Control\BitLocker" /v "PreventDeviceEncryption" /t REG_DWORD /d "1" /f fsutil behavior set disableencryption 1 manage-bde -off C: manage-bde -off D: manage-bde -off E: manage-bde -off F: cipher /d /e /f /s:C:\ sc config EFS start= disabled sc config BDESVC start= disabled

Kapone33 · Dec 5, 2023

I don't have any data but I have a strange suspicion that Game pass is somehow hooked into Bitlocker in some way.

ThrashZone · Dec 5, 2023

kapone32 said:
I don't have any data but I have a strange suspicion that Game pass is somehow hooked into Bitlocker in some way.

Hi,
Yeah that ms account
MS has to protect that money maker info for themselves

Begs the quest if using local account what stops ms from one day using info from it to create a ms account of some sort
They already suggest names for email addresses.

Ever log into a hotmail/... using win-11 ? I have looks like all ms needs is to use that info and auto switch me off local :eek:

Kapone33 · Dec 5, 2023

ThrashZone said:
Hi,
Yeah that ms account
MS has to protect that money maker info for themselves

Begs the quest if using local account what stops ms from one day using info from it to create a ms account of some sort
They already suggest names for email addresses.

Ever log into a hotmail/... using win-11 ? I have looks like all ms needs is to use that info and auto switch me off local

F'ing scary but true. MS has never been our friend. Like why are PC Games suddenly $100 Canadian or more than console Games for the base from studios they are buying.

Space Lynx · Dec 5, 2023

GerKNG said:
it seems to be only on OEM devices and the earliest cases are from 2017.

Windows 10/11 Home Edition and the OEM Bitlocker pitfall

[German]Today a topic that might have put one or the other user in an unpleasant situation. A machine with Windows 10 Home Edition (or Windows 11 Home) suddenly requests a Bitlocker key after an…

borncity.com

I was using an OEM Win 11 Pro key when it messed up my Kingston KC3000 drive. It all makes sense now, heh. Win 10 Home OEM key no issues, because no bitlocker on Home Win 10.

ThrashZone · Dec 5, 2023

Hi,
Yeah updates tend to reset registry setting and or just regular personal privacy... setting to it's own advantage in the word of "best experience" why do you think onedrive/ teams/ ... keep reappearing lol
Group policy wise a lot is just ignored on some features and or EOLed and not cleaned out so this is not a reliable course.

I've noticed on multiple occasions going through settings for a split second the setting is not what I set it to but default but quickly changes when I switching to it lol
Setting preferences are also likely ignored and just there for show.

Kapone33 · Dec 5, 2023

Explain to me how you could change a drive letter in Disk Management and lose access to your Game Pass library

Assimilator · Dec 5, 2023

kapone32 said:
Explain to me how you could change a drive letter in Disk Management and lose access to your Game Pass library

View attachment 324256

For fuck's sake. How exactly is an application supposed to magically know when you've changed the drive letter underneath it? It doesn't. Steam, or in fact literally any application ever, will have the exact same problem if you do the exact same thing.

Kapone33 · Dec 5, 2023

Assimilator said:
For fuck's sake. How exactly is an application supposed to magically know when you've changed the drive letter underneath it? It doesn't. Steam, or in fact literally any application ever, will have the exact same problem if you do the exact same thing.

First of all I have 9 drives in my PC. I did not change the drive letter that Gamepass files are saved on. There was no issue with Steam as it was a formatted drive that was empty. If you are so confident about Gamepass not being able to do that do you realize it is offered as a part of Windows Install if you click Gaming in the settings. Why do we not have access to the files?

I bet you are attacking me for no reason because you are bored.

R-T-B · Dec 5, 2023

W1zzard said:
Any idea what qualifies a machine for automatic Bitlocker encryption? Never ran into it and I do a lot of fresh installs

I'm pretty sure its part of the TrustedCore bios builds on OEM machines. Most white box builds will not run into this.

remixedcat · Dec 6, 2023

Space Lynx said:
@GerKNG Pretty sure this is how my Kingston KC3000 1tb got fucked up before I did the RMA on it, bitlocker encrypted it without my permission, then I went to clean install Linux one day and the two OS's waged a war somehow, cause Linux was trying to overwrite it, and then it just all got fucked up from there I guess. No idea. BUt I RMA'd got a new drive, and Win 10 Home has been treating me good ever since, I am not upgrading my OS until 2026, fuck that noise.

did you install windows first? immediatly disable bitlocker and fast startup in order to dual boot you gotta install windows first, than linux. . Did that on my new dell that'm using and that worked. I also have windows updates firewalled on my meraki mx64 router... there's even a "windows updates" preset for it lol... n that's what I have configured on my firewall

RJARRRPCGP · Dec 6, 2023

GerKNG said:
the windows pin was reset, i couldn't log in and it required an internet connection, email verification and a new pin just to get back to the desktop.

This can also happen if Secure Boot is disabled. Same with updating the UEFI-BIOS. You can run into this situation if the BIOS gets updated, also the same if you change the CPU, IIRC!

Windows 11's login portion gets very sus if Secure Boot gets disabled. Even more likely if the BIOS settings are lost, where CSM is enabled! But it's highly likely just from Secure Boot being disabled by default with each BIOS update! In a way, it seems trigger-happy, like XP, when there was no such thing as UEFI! Because back in the legacy-BIOS days, BIOS updating was rare on an existing installation, compared to now!

lexluthermiester · Dec 12, 2023

W1zzard said:
Any idea what qualifies a machine for automatic Bitlocker encryption? Never ran into it and I do a lot of fresh installs

Same here, I've never seen it auto-enable.

RJARRRPCGP said:
Windows 11's login portion gets very sus if Secure Boot gets disabled.

This is not correct. I have been using 11 since the first days of the beta program and have never used SecureBoot. No issues whatsoever.

GerKNG · Dec 12, 2023

lexluthermiester said:
Same here, I've never seen it auto-enable.

went through three more systems (DIY, Dell Laptop and HP Laptop)
DIY is automatically disabled.
OEMs seems to get recommended by microsoft to auto enable device encryption. (was a reply on a HP forum)
and on both laptop it was auto enabled after a fresh install from my 23H2 USB Drive.

ThrashZone · Dec 12, 2023

Hi,
God I love new rufus :cool:

lexluthermiester · Dec 12, 2023

GerKNG said:
went through three more systems (DIY, Dell Laptop and HP Laptop)
DIY is automatically disabled.
OEMs seems to get recommended by microsoft to auto enable device encryption. (was a reply on a HP forum)
and on both laptop it was auto enabled after a fresh install from my 23H2 USB Drive.
View attachment 325146

I don't think all OEM systems are being done like this. But who knows. It's really kinda stupid.

ThrashZone said:
Hi,
God I love new rufus

Right?

ThrashZone · Dec 12, 2023

Hi,
Yeah hopefully I got the acer crapware off my lappy that would approve such a features as bitlocker
But had to install a few to get oc features back after clean install of 22h2
Offline install is #1 rufus iso prep #2 hehe.

cst1992 · Dec 12, 2023

lexluthermiester said:
ThrashZone said:

Hi,
God I love new rufus

Click to expand...

Right?

I installed Win11 using Rufus in my new rig and honestly couldn't understand what the fuss was about about Win11.
Then I realized Rufus took care of it all:
- Removed any crap regarding online Microsoft account requirements
- Removed OOBE (so you can click "I don't have Internet" during setup)
- Removed Secure Boot requirement, requirement for 4GB+ RAM and TPM 2.0
- Disabled telemetry questions
- Created a local account with my name
- Disabled BitLocker

ThrashZone · Dec 12, 2023

cst1992 said:
I installed Win11 using Rufus in my new rig and honestly couldn't understand what the fuss was about about Win11.
Then I realized Rufus took care of it all:
- Removed any crap regarding online Microsoft account requirements
- Removed OOBE (so you can click "I don't have Internet" during setup)
- Removed Secure Boot requirement, requirement for 4GB+ RAM and TPM 2.0
- Disabled telemetry questions
- Created a local account with my name
- Disabled BitLocker

Hi,
Yep I'll mount 23h2 using rufus prepping the iso before as well
Way to easy :cool:

System Name	Ghetto Rigs z490\|x99\|Acer 17 Nitro 7840hs/ 5600c40-2x16/ 4060/ 1tb acer stock m.2/ 4tb sn850x
Processor	10900k w/Optimus Foundation \| 5930k w/Black Noctua D15
Motherboard	z490 Maximus XII Apex \| x99 Sabertooth
Cooling	oCool D5 res-combo/280 GTX/ Optimus Foundation/ gpu water block \| Blk D15
Memory	Trident-Z Royal 4000c16 2x16gb \| Trident-Z 3200c14 4x8gb
Video Card(s)	Titan Xp-water \| evga 980ti gaming-w/ air
Storage	970evo+500gb & sn850x 4tb \| 860 pro 256gb \| Acer m.2 1tb/ sn850x 4tb\| Many2.5" sata's ssd 3.5hdd's
Display(s)	1-AOC G2460PG 24"G-Sync 144Hz/ 2nd 1-ASUS VG248QE 24"/ 3rd LG 43" series
Case	D450 \| Cherry Entertainment center on Test bench
Audio Device(s)	Built in Realtek x2 with 2-Insignia 2.0 sound bars & 1-LG sound bar
Power Supply	EVGA 1000P2 with APC AX1500 \| 850P2 with CyberPower-GX1325U
Mouse	Redragon 901 Perdition x3
Keyboard	G710+x3
Software	Win-7 pro x3 and win-10 & 11pro x3
Benchmark Scores	Are in the benchmark section

System Name	MSi Coffee Lake
Processor	i7-8700k
Motherboard	MSI Z370 GAMING PRO CARBON AC
Cooling	NZXT something AIO loop
Memory	16GB Kingston HyperX 2133 C14 Fury Black
Video Card(s)	TITAN Xp Jedi Order Edition
Storage	Samsung 960 Evo NVMe
Display(s)	Medion 23'
Case	Cooler Master Stryker
Audio Device(s)	onboard
Power Supply	BeQuiet 600W
Mouse	Logitech Trackman T-BB18
Keyboard	Generic hp
Software	Windows 10

Processor	Ryzen 7 5700X
Memory	48 GB
Video Card(s)	RTX 4080
Storage	2x HDD RAID 1, 3x M.2 NVMe
Display(s)	30" 2560x1600 + 19" 1280x1024
Software	Windows 10 64-bit

System Name	HELLSTAR
Processor	AMD RYZEN 9 5950X
Motherboard	ASUS Strix X570-E
Cooling	2x 360 + 280 rads. 3x Gentle Typhoons, 3x Phanteks T30, 2x TT T140 . EK-Quantum Momentum Monoblock.
Memory	4x8GB G.SKILL Trident Z RGB F4-4133C19D-16GTZR 14-16-12-30-44
Video Card(s)	Sapphire Pulse RX 7900XTX. Water block. Crossflashed.
Storage	Optane 900P[Fedora] + WD BLACK SN850X 4TB + 750 EVO 500GB + 1TB 980PRO+SN560 1TB(W11)
Display(s)	Philips PHL BDM3270 + Acer XV242Y
Case	Lian Li O11 Dynamic EVO
Audio Device(s)	SMSL RAW-MDA1 DAC
Power Supply	Fractal Design Newton R3 1000W
Mouse	Razer Basilisk
Keyboard	Razer BlackWidow V3 - Yellow Switch
Software	FEDORA 41

Processor	AMD Ryzen 9 9950X3D
Motherboard	ASRock B850M PRO-A
Cooling	Corsair Nautilus 360 RS
Memory	2x32GB Kingston Fury Beast 6000 CL30
Video Card(s)	PowerColor Hellhound RX 9070 XT
Storage	1TB Samsung 990 Pro, 2TB Samsung 990 Pro, 4TB Samsung 990 Pro
Display(s)	LG 27GS95QE-B, MSI G272QPF E2
Case	Lian Li DAN Case A3 Black Wood Edition
Audio Device(s)	Bose Companion Series 2 III, Sennheiser GSP600 and HD599 SE - Creative Soundblaster X4
Power Supply	Corsair RM1000X ATX 3.1
Mouse	Razer Deathadder V3
Keyboard	Razer Black Widow V3 TKL
VR HMD	Oculus Rift S

Microsoft re enables bitlocker, locked my computer and deleted the windows hello pin after installing 23H2.

ThrashZone

Jacky_BEL

W1zzard

Administrator

Windows 11 Tweaks for GPU Benchmark

How to prevent automatic drive encryption in Windows 11?

Ferrum Master

GerKNG

Windows 10/11 Home Edition and the OEM Bitlocker pitfall

TheinsanegamerN

ThrashZone

All partitions are Bitlocker on Win 11 Home SL?

Kapone33

ThrashZone

Kapone33

Space Lynx

Astronaut

Windows 10/11 Home Edition and the OEM Bitlocker pitfall

ThrashZone

Kapone33

Assimilator

Kapone33

R-T-B

remixedcat

RJARRRPCGP

lexluthermiester

GerKNG

ThrashZone

lexluthermiester

ThrashZone

cst1992

ThrashZone

System Name	Skunkworks 3.0
Processor	5800x3d
Motherboard	x570 unify
Cooling	Noctua NH-U12A
Memory	32GB 3600 mhz
Video Card(s)	asrock 6800xt challenger D
Storage	Sabarent rocket 4.0 2TB, MX 500 2TB
Display(s)	Asus 1440p144 27"
Case	Old arse cooler master 932
Power Supply	Corsair 1200w platinum
Mouse	squeak
Keyboard	Some old office thing
Software	Manjaro

System Name	Best AMD Computer
Processor	AMD 7900X3D
Motherboard	Asus X670E E Strix
Cooling	In Win SR36
Memory	GSKILL DDR5 32GB 5200 30
Video Card(s)	Sapphire Pulse 7900XT (Watercooled)
Storage	Corsair MP 700, Seagate 530 2Tb, Adata SX8200 2TBx2, Kingston 2 TBx2, Micron 8 TB, WD AN 1500
Display(s)	GIGABYTE FV43U
Case	Corsair 7000D Airflow
Audio Device(s)	Corsair Void Pro, Logitch Z523 5.1
Power Supply	Deepcool 1000M
Mouse	Logitech g7 gaming mouse
Keyboard	Logitech G510
Software	Windows 11 Pro 64 Steam. GOG, Uplay, Origin
Benchmark Scores	Firestrike: 46183 Time Spy: 25121

Processor	7800X3D -25 all core ($196)
Motherboard	B650 Steel Legend (White/Silver) ($189)
Cooling	RZ620 (White/Silver) ($32)
Memory	32gb ddr5 (2x16) cl 30 6000 (White/Silver) ($80)
Video Card(s)	Merc 310 7900 XT @3100 core -.75v (Black/Silver) ($705)
Display(s)	Agon 27" QD-OLED Glossy 240hz 1440p ($399)
Case	NZXT H710 (Black/Red) ($62)
Power Supply	Corsair RM850x ($109)

System Name	Firelance.
Processor	Threadripper 3960X
Motherboard	ROG Strix TRX40-E Gaming
Cooling	IceGem 360 + 6x Arctic Cooling P12
Memory	8x 16GB Patriot Viper DDR4-3200 CL16
Video Card(s)	MSI GeForce RTX 4060 Ti Ventus 2X OC
Storage	2TB WD SN850X (boot), 4TB Crucial P3 (data)
Display(s)	Dell S3221QS(A) (32" 38x21 60Hz) + 2x AOC Q32E2N (32" 25x14 75Hz)
Case	Enthoo Pro II Server Edition (Closed Panel) + 6 fans
Power Supply	Fractal Design Ion+ 2 Platinum 760W
Mouse	Logitech G604
Keyboard	Razer Pro Type Ultra
Software	Windows 10 Professional x64

System Name	Pioneer
Processor	Ryzen 9 9950X
Motherboard	MSI MAG X670E Tomahawk Wifi
Cooling	Noctua NH-D15 + A whole lotta Sunon, Phanteks and Corsair Maglev blower fans...
Memory	128GB (4x 32GB) G.Skill Flare X5 @ DDR5-4200(Running 1:1:1 w/FCLK)
Video Card(s)	XFX RX 7900 XTX Speedster Merc 310
Storage	Intel 5800X Optane 800GB boot, +2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs, 1x 2TB Seagate Exos 3.5"
Display(s)	55" LG 55" B9 OLED 4K Display
Case	Thermaltake Core X31
Audio Device(s)	TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply	FSP Hydro Ti Pro 850W
Mouse	Logitech G305 Lightspeed Wireless
Keyboard	WASD Code v3 with Cherry Green keyswitches + PBT DS keycaps
Software	Gentoo Linux x64, other office machines run Windows 11 Enterprise

System Name	RemixedBeast-NX
Processor	Intel Xeon E5-2690 @ 2.9Ghz (8C/16T)
Motherboard	Dell Inc. 08HPGT (CPU 1)
Cooling	Dell Standard
Memory	24GB ECC
Video Card(s)	Gigabyte Nvidia RTX2060 6GB
Storage	2TB Samsung 860 EVO SSD//2TB WD Black HDD
Display(s)	Samsung SyncMaster P2350 23in @ 1920x1080 + Dell E2013H 20 in @1600x900
Case	Dell Precision T3600 Chassis
Audio Device(s)	Beyerdynamic DT770 Pro 80 // Fiio E7 Amp/DAC
Power Supply	630w Dell T3600 PSU
Mouse	Logitech G700s/G502
Keyboard	Logitech K740
VR HMD	Linktr.ee/remixedcat // for my music ♡♡
Software	Linux Mint 20
Benchmark Scores	Network: APs: Ubiquiti Unifi AP-AC-LR and Lite Router/Sw:Meraki MX64 MS220-8P

System Name	KHR-1
Processor	Ryzen 9 5900X
Motherboard	ASRock B550 PG Velocita (UEFI-BIOS P3.40)
Memory	64 GB G.Skill RipJaws V F4-3200C16D-64GVK
Video Card(s)	Sparkle Titan Arc A770 16 GB
Storage	Western Digital Black SN850 1 TB NVMe SSD
Display(s)	Alienware AW3423DWF OLED-ASRock PG27Q15R2A (backup)
Case	Corsair 275R
Audio Device(s)	Technics SA-EX140 receiver with Polk VT60 speakers
Power Supply	eVGA Supernova G3 750W
Mouse	Logitech G Pro (Hero)
Software	Windows 11 Pro x64 23H2

System Name	The Sparing-No-Expense Build
Processor	Ryzen 5 5600X
Motherboard	Asus ROG Strix X570-E Gaming Wifi II
Cooling	Noctua NH-U12S chromax.black
Memory	32GB: 2x16GB Patriot Viper Steel 3600MHz C18
Video Card(s)	NVIDIA RTX 3060Ti Founder's Edition
Storage	500GB 970 Evo Plus NVMe, 2TB Crucial MX500
Display(s)	AOC C24G1 144Hz 24" 1080p Monitor
Case	Lian Li O11 Dynamic EVO White
Power Supply	Seasonic X-650 Gold PSU (SS-650KM3)
Software	Windows 11 Home 64-bit