BitLocker Turning Off the Startup PIN for Workstations

So your desktop/workstation is using BitLocker encryption. The machine itself has a TPM (this has to be built in, can’t be added later).

But it somehow keeps asking you to type a PIN every time you reboot the machine. This is extremely inconvenient if you frequently reboot and frequently access your machine remotely. To turn it off:

1. Open an admin command prompt and type the following:

manage-bde –status

Look under the “Key Protectors” list. It probably says TPMAndPin. You want that to just say TPM. To change it:

manage-bde –protectors –add c: –tpm

Replace c: with your system drive if it isn’t c:.

1 comment:

Gaurav Jalan said...

Awesome Shea, very helpful!!! I spent a lot of time trying to fix this in frustration, but finally you made it work man!!!

Post a Comment