5

I have Bitlocker enabled on my Windows 10 computer, without a TPM, just a password. Usually when I restart my computer, it gives me a plain blue page asking for my password. After entering it, it boots normally, giving me a normal login screen with my username and profile picture. This same process usually happens on auto restarts due to Windows updates.

For a few days I've been getting notifications that I need to restart for a new big update. This morning it auto restarted (apparently, I was asleep) and installed the update. But when I woke up and used the computer, I did not get the plain blue password page. I got a login page with my username and picture, though the background image was different. Logging in, it said welcome to the new update, and all the windows I had open were closed (just like any restart).

So my question is, how did it do a restart without the blue page asking for my password? How was it able to know my username and profile picture without me entering my password? Is Bitlocker actually encrypting my data or not?

In my event logs it says "The operating system started at system time ‎2018‎-‎02‎-‎04T12:19"[...]. So that seems to indicate it rebooted. Strangely all my event logs before this time seem to have been deleted.

Improve this question
1
  • 1
    So practically windows bypassed your boot password ?
    – Overmind
    Commented Feb 5, 2018 at 6:59

1 Answer 1

Reset to default
8

You can suspend bitlocker for up to 15 Reboots at at time with Powershell.

Start a Powershell Shell with Admin Privliges and enter

Suspend-BitLocker -MountPoint "Drive" -RebootCount X

Where Drive ist your Driveletter (i.e. C:) and X is the Number of Reboots you want to suspend Bitlocker (0-15)

Most likely the Update Programm used this or a variation of it.

Source: https://technet.microsoft.com/de-de/library/jj649830(v=wps.630).aspx

Improve this answer
1

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .