This article describes steps one can take to set up BitLocker automatically unlock a PC at startup via TPM in Windows 11.
BitLocker helps protect your data on your computer so only authorized users have access to it. In addition, new files created on a BitLocker-enabled drive will also be protected.
BitLocker will automatically check the PC at startup to make sure that the computer has not been tampered with, including BIOS changes and other security risks.
By default, a PC with a TPM chip which BitLocker recognizes, will automatically unlock the PC during startup. However, users can add additional security measures at startup to protect encrypted data.
If you have set up BitLocker to require users to insert a USB drive that contains a startup key and a PIN at startup before the computer starts, the steps below show you how to revert to the default behavior.
Disable BitLocker requirements for USB and PIN at startup on a PC with Windows 11
As described above, If you have set up BitLocker to require users to insert a USB drive that contains a startup key and a PIN at startup before the computer starts, here’s how to disable that.
With BitLocker enabled on your OS drive, open the Control Panel and browse to the BitLocker page.
Control Panel\System and Security\BitLocker Drive Encryption
Then click on the link, “Change how drive is unlocked at startup.”
Next, select the “Let BitLocker automatically unlock my drive” link to continue.
Click Finish on the next page.
BitLocker’s default behavior of automatically unlocking the PC OS via TPM will begin when you restart your computer.
That’s it.
Conclusion:
This post showed you how to disable BitLocker, requiring a PIN and USB flash drive with a BitLocker key at startup on Windows 11.
Please use the comment form below if you find any errors above or have something to add.
