If you’re getting the BitLocker recovery screen while starting up your computer, you’re not alone, and it’s probably because of the bug after installing the July 2024 Patch Tuesday Update on Windows 11.
On July 9, 2024, Microsoft released the update KB5040442 for Windows 11 23H2 and 22H2, which bumped the version number to build 22631.3880 and 22621.3880. The update was supported to be another rollout with security fixes and several changes for Copilot AI, Settings app, Share, and more, but then users quickly started to notice that after the update, their computers began to boot into the BitLocker recovery screen instead of booting into the operating system.
According to a statement from Microsoft, the update KB5040442 has an issue that causes the device to show the BitLocker recovery screen during startup. Usually, when this happens, it’s related to problems caused by the system TPM (Trusted Platform Module), but in this case, it’s an issue with the update.
This issue affects not only Windows 11 23H2 and 22H2 but also version 21H2, Windows 10 22H2 and 21H2. Furthermore, this can also happen to Windows Server 2022, 2019, and older versions. These instructions apply to Windows 11 and 10.
How to fix BitLocker recovery screen on startup on Windows 11
To fix the issue with the BitLocker recovery screen on Windows 11, you would need another computer with internet access, and then use these steps:
Confirm the computer’s name from the list to find the recovery key.
Confirm the recovery key in the BitLocker recovery screen to start Windows 11.
Click the Continue button.
Continue with the on-screen directions.
If you can find the recovery key on your Microsoft account, there’s a chance that when you enabled BitLocker, you used a different option to save the recovery key. This includes printing the key on a physical piece of paper, or you probably saved it in a file on a USB flash drive or another type of storage.
At the time of writing, if you don’t have a recovery key, you won’t be able to start your computer. Microsoft says that it is working on another solution for affected devices, but it’s unclear when the fix will become available.
The company also notes that this issue is only affecting computers using the “Device Encryption” option available through Settings > Privacy & Security > Device Encryption.
Although an update requiring an encryption key to unlock a device is rare, it shows that encryption can be a double-edged sword. On one side, it can help you protect your device and data, but on the other, it can also lock you out without a way to access it.
Also, in this particular case, the recovery screen appeared because of a faulty update. However, I have experienced the same problem on other occasions where the issue was related to the TPM and problems with the motherboard’s firmware. As a result, on more than one occasion, I had to erase the hard drive and reinstall the operating system. Thankfully, this happened to me on devices in my lab environment, so my personal files weren’t impacted.
My concern is that Microsoft plans to expand the use of BitLocker on new installations by default with the release of Windows 11 24H2, and if something happens on the device or another faulty update releases, it could end up affecting a lot of devices.
If you use BitLocker (or Device Encryption (basically a light version of BitLocker)) and have access to the desktop, it’s vital to ensure that you create a backup of the recovery key to your Microsoft account or use any of the other available options.
While I recommend the use of encryption to protect your data, you can disable BitLocker on Windows 11 if you are concerned about being locked out of your device and data.
You always reinforce your recovery strategy by regularly creating a full backup of Windows 11 to USB storage or creating a file backup.