How to safely turn off or delete BitLocker on new HP PC Windows 11 24H2


dagar7

Well-known member
Member
Local time
8:02 PM
Posts
33
OS
Windows 11 Pro 22621.2428
Setting up a new HP Pavilion Desktop TP01-2234 Windows 11 PC with a Local Account for a friend, the first surprise was finding that it was at 24H2 as received, which didn't cause a problem and greatly reduced the number of Windows and HP updates required last time I setup one of the same PCs in September. After installing the owners files and programs, I ran Reflect free to backup the drive only to see a note about the drive being encrypted with BitLocker. I started the backup but aborted it after almost an hour due to very little progress. I searched the web and it appears the encryption will be on all new PCs with 24H2 factory preinstalled and encryption turned on and also on reinstalls, clean installs.
I opened Settings > Privacy & Security > Device Encryption and Drive encryption is turned on, with a switch that I could turn off but want to be sure I don't screw up the drive. A bold notification wants me to sign with your Microsoft Account (which the owner doesn't have) to finish encrypting this device. There is also button to "Find your bit locker encryption key". No information included with the PC about an encryption key. I am attaching a screenshot of the Device Encryption screen as received.
I would appreciate advise about safely turning the Device encryption off temporarily or permanently for this PC.
Thank you
 

Attachments

  • BitLocker Screenshot 2024-12-12 143745.webp
    BitLocker Screenshot 2024-12-12 143745.webp
    22.3 KB · Views: 1

My Computers

System One System Two

  • OS
    Windows 11 Pro 22621.2428
    Computer type
    PC/Desktop
    Manufacturer/Model
    Home built
    CPU
    Ryzen 7 5800X
    Motherboard
    ASUS TUF Gaming X570-Pro WiFi
    Memory
    32 GB Crucial 3200 MHz
    Graphics Card(s)
    Nvidia GTX 3060 Ti
    Sound Card
    none
    Monitor(s) Displays
    LG 29UB55 B 29 inch
    Screen Resolution
    2560 x 1080
    Hard Drives
    Samsung 980 Pro 1 TB NVMe SSD
    PSU
    Seasonic Focus GM650
    Case
    Fractal Design Define 7 Compact
    Cooling
    Noctua NH-U12A CPU Cooler
    Keyboard
    Logitech wireless
    Mouse
    Logitech wireless
    Internet Speed
    115 Mbps download
    Browser
    Google Chrome with Duck Duck Go search
    Antivirus
    Bitdefender Total Security and Malwarebytes Premium 4.5.11
  • Operating System
    Windows 11 Pro 22621.2428
    Computer type
    Laptop
    Manufacturer/Model
    ACER Asprire 5 A515-44-R2SA
    CPU
    AMD Ryzen 7 4700U
    Motherboard
    RO Calla_RN
    Memory
    16 GB
    Graphics card(s)
    none
    Sound Card
    none
    Monitor(s) Displays
    Built in
    Screen Resolution
    1080
    Hard Drives
    SK hynix Gold P31 NVMe 1 TB
    PSU
    built in
    Case
    included
    Cooling
    stock
    Mouse
    Logitech M310 wireless
    Keyboard
    Logitech K520 wireless
    Internet Speed
    354 Mbps
    Browser
    Brave
    Antivirus
    Malwarebytes Pro and BitDefender with exceptions and allowed lists. They have been running together for years.
At the botom of these tutorials are other tutorials that may be of interest


 

My Computers

System One System Two

  • OS
    Windows 11 Pro 23H2 Build 22631.4890
    Computer type
    PC/Desktop
    Manufacturer/Model
    Sin-built
    CPU
    Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz (4th Gen?)
    Motherboard
    ASUS ROG Maximus VI Formula
    Memory
    32.0 GB of I forget and the box is in storage.
    Graphics Card(s)
    Gigabyte nVidia GeForce GTX 1660 Super OC 6GB
    Sound Card
    Onboard
    Monitor(s) Displays
    4 x LG 23MP75 - 2 x 24MK430H-B - 1 x Wacom Pro 22" Tablet
    Screen Resolution
    All over the place
    Hard Drives
    Too many to list.
    OS on Samsung 1TB 870 QVO SATA
    PSU
    Silverstone 1500
    Case
    NZXT Phantom 820 Full-Tower Case
    Cooling
    Noctua NH-D15 Elite Class Dual Tower CPU Cooler / 6 x EziDIY 120mm / 2 x Corsair 140mm somethings / 1 x 140mm Thermaltake something / 2 x 200mm Corsair.
    Keyboard
    Corsair K95 / Logitech diNovo Edge Wireless
    Mouse
    Logitech G402 / G502 / Mx Masters / MX Air Cordless
    Internet Speed
    100/40Mbps
    Browser
    All sorts
    Antivirus
    Kaspersky Premium
    Other Info
    I’m on a horse.
  • Operating System
    Windows 11 Pro 23H2 Build: 22631.4249
    Computer type
    Laptop
    Manufacturer/Model
    LENOVO Yoga 7i EVO OLED 14" Touchscreen i5 12 Core 16GB/512GB
    CPU
    Intel Core 12th Gen i5-1240P Processor (1.7 - 4.4GHz)
    Memory
    16GB LPDDR5 RAM
    Graphics card(s)
    Intel Iris Xe Graphics Processor
    Sound Card
    Optimized with Dolby Atmos®
    Screen Resolution
    QHD 2880 x 1800 OLED
    Hard Drives
    M.2 512GB
    Antivirus
    Defender / Malwarebytes
    Other Info
    …still on a horse.
One or more of these links may be useful:
















 

My Computer

System One

  • OS
    Windows 10
    Computer type
    Laptop
    Manufacturer/Model
    HP
    CPU
    Intel(R) Core(TM) i7-4800MQ CPU @ 2.70GHz
    Motherboard
    Product : 190A Version : KBC Version 94.56
    Memory
    16 GB Total: Manufacturer : Samsung MemoryType : DDR3 FormFactor : SODIMM Capacity : 8GB Speed : 1600
    Graphics Card(s)
    NVIDIA Quadro K3100M; Intel(R) HD Graphics 4600
    Sound Card
    IDT High Definition Audio CODEC; PNP Device ID HDAUDIO\FUNC_01&VEN_111D&DEV_76E0
    Hard Drives
    Model Hitachi HTS727575A9E364
    Antivirus
    Microsoft Defender
    Other Info
    Mobile Workstation
I appreciate the links to the articles, but I am afraid that this may be a special case because of: "A bold notification wants me to sign with your Microsoft Account (which the owner doesn't have) to finish encrypting this device." This makes me concerned that finish encrypting may mean that it is in some sort of partially encrypted state, or it just wants the user to have a MSFT account and store the key in that account. If it is only partially encrypted would turning off the encryption switch shown in the screenshot I included in my original post, just turn it off or put me in some kind of recovery mode?
 

My Computers

System One System Two

  • OS
    Windows 11 Pro 22621.2428
    Computer type
    PC/Desktop
    Manufacturer/Model
    Home built
    CPU
    Ryzen 7 5800X
    Motherboard
    ASUS TUF Gaming X570-Pro WiFi
    Memory
    32 GB Crucial 3200 MHz
    Graphics Card(s)
    Nvidia GTX 3060 Ti
    Sound Card
    none
    Monitor(s) Displays
    LG 29UB55 B 29 inch
    Screen Resolution
    2560 x 1080
    Hard Drives
    Samsung 980 Pro 1 TB NVMe SSD
    PSU
    Seasonic Focus GM650
    Case
    Fractal Design Define 7 Compact
    Cooling
    Noctua NH-U12A CPU Cooler
    Keyboard
    Logitech wireless
    Mouse
    Logitech wireless
    Internet Speed
    115 Mbps download
    Browser
    Google Chrome with Duck Duck Go search
    Antivirus
    Bitdefender Total Security and Malwarebytes Premium 4.5.11
  • Operating System
    Windows 11 Pro 22621.2428
    Computer type
    Laptop
    Manufacturer/Model
    ACER Asprire 5 A515-44-R2SA
    CPU
    AMD Ryzen 7 4700U
    Motherboard
    RO Calla_RN
    Memory
    16 GB
    Graphics card(s)
    none
    Sound Card
    none
    Monitor(s) Displays
    Built in
    Screen Resolution
    1080
    Hard Drives
    SK hynix Gold P31 NVMe 1 TB
    PSU
    built in
    Case
    included
    Cooling
    stock
    Mouse
    Logitech M310 wireless
    Keyboard
    Logitech K520 wireless
    Internet Speed
    354 Mbps
    Browser
    Brave
    Antivirus
    Malwarebytes Pro and BitDefender with exceptions and allowed lists. They have been running together for years.
"A bold notification wants me to sign with your Microsoft Account (which the owner doesn't have) to finish encrypting this device."


That message is almost nothing more than spam. If you sign in, you will be encrypted. As far as I remember, toggle that off and you should be good to go. Read the tutorials in case you have any concerns
 

My Computers

System One System Two

  • OS
    Windows 11 Pro 23H2 Build 22631.4890
    Computer type
    PC/Desktop
    Manufacturer/Model
    Sin-built
    CPU
    Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz (4th Gen?)
    Motherboard
    ASUS ROG Maximus VI Formula
    Memory
    32.0 GB of I forget and the box is in storage.
    Graphics Card(s)
    Gigabyte nVidia GeForce GTX 1660 Super OC 6GB
    Sound Card
    Onboard
    Monitor(s) Displays
    4 x LG 23MP75 - 2 x 24MK430H-B - 1 x Wacom Pro 22" Tablet
    Screen Resolution
    All over the place
    Hard Drives
    Too many to list.
    OS on Samsung 1TB 870 QVO SATA
    PSU
    Silverstone 1500
    Case
    NZXT Phantom 820 Full-Tower Case
    Cooling
    Noctua NH-D15 Elite Class Dual Tower CPU Cooler / 6 x EziDIY 120mm / 2 x Corsair 140mm somethings / 1 x 140mm Thermaltake something / 2 x 200mm Corsair.
    Keyboard
    Corsair K95 / Logitech diNovo Edge Wireless
    Mouse
    Logitech G402 / G502 / Mx Masters / MX Air Cordless
    Internet Speed
    100/40Mbps
    Browser
    All sorts
    Antivirus
    Kaspersky Premium
    Other Info
    I’m on a horse.
  • Operating System
    Windows 11 Pro 23H2 Build: 22631.4249
    Computer type
    Laptop
    Manufacturer/Model
    LENOVO Yoga 7i EVO OLED 14" Touchscreen i5 12 Core 16GB/512GB
    CPU
    Intel Core 12th Gen i5-1240P Processor (1.7 - 4.4GHz)
    Memory
    16GB LPDDR5 RAM
    Graphics card(s)
    Intel Iris Xe Graphics Processor
    Sound Card
    Optimized with Dolby Atmos®
    Screen Resolution
    QHD 2880 x 1800 OLED
    Hard Drives
    M.2 512GB
    Antivirus
    Defender / Malwarebytes
    Other Info
    …still on a horse.
 

My Computers

System One System Two

  • OS
    Windows 11 Pro 23H2 Build 22631.4890
    Computer type
    PC/Desktop
    Manufacturer/Model
    Sin-built
    CPU
    Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz (4th Gen?)
    Motherboard
    ASUS ROG Maximus VI Formula
    Memory
    32.0 GB of I forget and the box is in storage.
    Graphics Card(s)
    Gigabyte nVidia GeForce GTX 1660 Super OC 6GB
    Sound Card
    Onboard
    Monitor(s) Displays
    4 x LG 23MP75 - 2 x 24MK430H-B - 1 x Wacom Pro 22" Tablet
    Screen Resolution
    All over the place
    Hard Drives
    Too many to list.
    OS on Samsung 1TB 870 QVO SATA
    PSU
    Silverstone 1500
    Case
    NZXT Phantom 820 Full-Tower Case
    Cooling
    Noctua NH-D15 Elite Class Dual Tower CPU Cooler / 6 x EziDIY 120mm / 2 x Corsair 140mm somethings / 1 x 140mm Thermaltake something / 2 x 200mm Corsair.
    Keyboard
    Corsair K95 / Logitech diNovo Edge Wireless
    Mouse
    Logitech G402 / G502 / Mx Masters / MX Air Cordless
    Internet Speed
    100/40Mbps
    Browser
    All sorts
    Antivirus
    Kaspersky Premium
    Other Info
    I’m on a horse.
  • Operating System
    Windows 11 Pro 23H2 Build: 22631.4249
    Computer type
    Laptop
    Manufacturer/Model
    LENOVO Yoga 7i EVO OLED 14" Touchscreen i5 12 Core 16GB/512GB
    CPU
    Intel Core 12th Gen i5-1240P Processor (1.7 - 4.4GHz)
    Memory
    16GB LPDDR5 RAM
    Graphics card(s)
    Intel Iris Xe Graphics Processor
    Sound Card
    Optimized with Dolby Atmos®
    Screen Resolution
    QHD 2880 x 1800 OLED
    Hard Drives
    M.2 512GB
    Antivirus
    Defender / Malwarebytes
    Other Info
    …still on a horse.
IMG_5185.webp

That toggle, is basically giving permission to encrypt. IF you sign in, encryption will be finalised.
Toggle Device Encryption OFF to let Windows know that you are not interested in encryption.

Everyone with Windows gets the same spam message trying to entice us to encrypt.
 

My Computers

System One System Two

  • OS
    Windows 11 Pro 23H2 Build 22631.4890
    Computer type
    PC/Desktop
    Manufacturer/Model
    Sin-built
    CPU
    Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz (4th Gen?)
    Motherboard
    ASUS ROG Maximus VI Formula
    Memory
    32.0 GB of I forget and the box is in storage.
    Graphics Card(s)
    Gigabyte nVidia GeForce GTX 1660 Super OC 6GB
    Sound Card
    Onboard
    Monitor(s) Displays
    4 x LG 23MP75 - 2 x 24MK430H-B - 1 x Wacom Pro 22" Tablet
    Screen Resolution
    All over the place
    Hard Drives
    Too many to list.
    OS on Samsung 1TB 870 QVO SATA
    PSU
    Silverstone 1500
    Case
    NZXT Phantom 820 Full-Tower Case
    Cooling
    Noctua NH-D15 Elite Class Dual Tower CPU Cooler / 6 x EziDIY 120mm / 2 x Corsair 140mm somethings / 1 x 140mm Thermaltake something / 2 x 200mm Corsair.
    Keyboard
    Corsair K95 / Logitech diNovo Edge Wireless
    Mouse
    Logitech G402 / G502 / Mx Masters / MX Air Cordless
    Internet Speed
    100/40Mbps
    Browser
    All sorts
    Antivirus
    Kaspersky Premium
    Other Info
    I’m on a horse.
  • Operating System
    Windows 11 Pro 23H2 Build: 22631.4249
    Computer type
    Laptop
    Manufacturer/Model
    LENOVO Yoga 7i EVO OLED 14" Touchscreen i5 12 Core 16GB/512GB
    CPU
    Intel Core 12th Gen i5-1240P Processor (1.7 - 4.4GHz)
    Memory
    16GB LPDDR5 RAM
    Graphics card(s)
    Intel Iris Xe Graphics Processor
    Sound Card
    Optimized with Dolby Atmos®
    Screen Resolution
    QHD 2880 x 1800 OLED
    Hard Drives
    M.2 512GB
    Antivirus
    Defender / Malwarebytes
    Other Info
    …still on a horse.
These are links on Microsoft and local accounts:










 

My Computer

System One

  • OS
    Windows 10
    Computer type
    Laptop
    Manufacturer/Model
    HP
    CPU
    Intel(R) Core(TM) i7-4800MQ CPU @ 2.70GHz
    Motherboard
    Product : 190A Version : KBC Version 94.56
    Memory
    16 GB Total: Manufacturer : Samsung MemoryType : DDR3 FormFactor : SODIMM Capacity : 8GB Speed : 1600
    Graphics Card(s)
    NVIDIA Quadro K3100M; Intel(R) HD Graphics 4600
    Sound Card
    IDT High Definition Audio CODEC; PNP Device ID HDAUDIO\FUNC_01&VEN_111D&DEV_76E0
    Hard Drives
    Model Hitachi HTS727575A9E364
    Antivirus
    Microsoft Defender
    Other Info
    Mobile Workstation
"How does encryption take place?

The process hasn't changed since 2013. Encryption comes into play at the end of the OOBE phase - during a clean install of Windows or the first startup of a pre-installed computer. The OS volume and other non-removable disks are encrypted with an insecure key, and then the process is suspended. In fact, the disks are encrypted but not protected by fuses, meaning that the encrypted data can be easily accessed.

1.webpWhen the first login is performed by an administrator with a Microsoft account (MSA) or the computer is brought into a domain, the fuses are activated - the disk is protected by TPM and a 48-digit recovery password.

2.webpAt the same time, this recovery password is stored in the MSA cloud settings, and in the domain in Entra ID (formerly Azure AD) or AD DS when the policy is enabled.

Will the disks be encrypted if I don't use a Microsoft account?

The disks will be encrypted, but the data will remain unprotected. You can activate the protection manually or disable encryption."
 

My Computer

System One

  • OS
    Microsoft Windows 11 Home
    Computer type
    PC/Desktop
    Manufacturer/Model
    MSI MS-7D98
    CPU
    Intel Core i5-13490F
    Motherboard
    MSI B760 GAMING PLUS WIFI
    Memory
    2 x 16 Patriot Memory (PDP Systems) PSD516G560081
    Graphics Card(s)
    GIGABYTE GeForce RTX 4070 WINDFORCE OC 12G (GV-N4070WF3OC-12GD)
    Sound Card
    Bluetooth Аудио
    Monitor(s) Displays
    INNOCN 15K1F
    Screen Resolution
    1920 x 1080
    Hard Drives
    WD_BLACK SN770 250GB
    KINGSTON SNV2S1000G (ELFK0S.6)
    PSU
    Thermaltake Toughpower GF3 1000W
    Case
    CG560 - DeepCool
    Cooling
    ID-COOLING SE-224-XTS / 2 x 140Mm Fan - rear and top; 3 x 120Mm - front
    Keyboard
    Corsair K70 RGB TKL
    Mouse
    Corsair KATAR PRO XT
    Internet Speed
    100 Mbps
    Browser
    Firefox
    Antivirus
    Microsoft Defender Antivirus
    Other Info
    https://www.userbenchmark.com/UserRun/66553205
Back
Top Bottom