Question FTPM reset???

Apr 27, 2023
Hi All

So I had an issue last night where my system locked up and I had to hold the power button down to shut down. When I booted back up, the first screen I got was a black screen with the following text in the middle:

"Press Y to reset fTPM, if you have Bitlocker or encryption-enabled system, the system will not boot without a recovery key. Press N to keep previous fTPM record and continue system boot. fTPM will NOT be enabled with new cpu unless fTPM is (previously initialised) you could swap back to the old CPU to recover TPM related keys and data ?" YES/NO

So I went with the N option, as I was not sure what pressing Y would do. I did that, got my key, entered it, and got logged back in, but now this screen pops up every time I boot up.

What happens if I press Y? Will that reset the BitLocker code, which seems to be what it does from what I saw? And will pressing Y mess up anything on my computer that needs backing up before doing it, such as all my photos, videos, music and such?
It's a Dell Alienware laptop and no hardware has been changed since I bought it; it is the default system I got, with the exception of my USB mouse.
 
BitLocker uses values generated by fTPM to validate the computer it's on is the one it's supposed to be on. Pressing Y means fTPM will generate new values that BitLocker isn't expecting, so BitLocker won't start decrypting the drive. You'll have to use a recovery key to tell BitLocker the new values are OK.

So this shouldn't touch the data on your drive, but you should back your data up just in case.
 
Apr 27, 2023
Regarding backup, understood.

Now, regarding BitLocker: if I press Y, will I use the same code I have been using to get past that up until now, or how do I get the new code if it changes with the reset?
 
Apr 27, 2023
The TPM will generate a new value. You'll have to use the BitLocker recovery key to use the data on the drive again.
Right, but what I am asking is this.

Just for example, let's say my BitLocker recovery key is as follows as of this moment.

111111-111111-111111-111111-111111-111111-111111-111111

So when I log in next, let's say I hit Y to reset the fTPM. Will the new fTPM also use the same BitLocker recovery key of

111111-111111-111111-111111-111111-111111-111111-111111

or will the new key be different? The only key I know how to get for my system is the one in my Microsoft account, which I assume won't change unless it's automatically changed, but...

So will the key for the new fTPM be the same as for the old fTPM? Or different?
 
If you're talking about the recovery key, it'll probably stay the same since that key is used to encrypt the volume master key which is stored in the TPM. And the times I've had to input a recovery key, I don't recall needing to know about a new one. But obviously, you should verify if this is the case.

In any case, from what I can gather, resetting TPM only affects the validation part of the handshaking. It doesn't appear to affect any keys regarding decrypting the volume itself.

See https://blog.elcomsoft.com/2021/01/understanding-bitlocker-tpm-protection/
 
Apr 27, 2023
OK Great thanks!
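
The reply above suggests verifying that the recovery key stays the same across an fTPM reset. One way to check, as an added example that is not part of the original thread: record the BitLocker key protector IDs before the reset and compare them afterwards. The script's parameter names and the `E:\` path on removable media are assumptions; run it from an elevated PowerShell session.

```powershell
# Added example: compare BitLocker key protectors before and after an fTPM reset.
# Run once with -Mode Save before the reset, then with -Mode Compare afterwards.
param(
    [ValidateSet('Save', 'Compare')]
    [string]$Mode = 'Save',
    [string]$MountPoint = 'C:',
    # Assumed location on removable media, so the record is not on the encrypted volume.
    [string]$StateFile = 'E:\bitlocker-protectors.csv'
)

function Get-ProtectorSummary {
    param([string]$MountPoint)
    # Only the protector type and ID are recorded, never the recovery password itself.
    (Get-BitLockerVolume -MountPoint $MountPoint).KeyProtector | ForEach-Object {
        [pscustomobject]@{
            Type = $_.KeyProtectorType.ToString()
            Id   = $_.KeyProtectorId
        }
    }
}

$current = @(Get-ProtectorSummary -MountPoint $MountPoint)

if ($Mode -eq 'Save') {
    if (-not ($current | Where-Object Type -eq 'RecoveryPassword')) {
        Write-Warning "No recovery password protector on $MountPoint. Nothing could unlock the drive after a reset."
    }
    $current | Export-Csv -Path $StateFile -NoTypeInformation
    $current | Format-Table -AutoSize
}
else {
    $before = @(Import-Csv -Path $StateFile)
    foreach ($old in ($before | Where-Object Type -eq 'RecoveryPassword')) {
        $match = $current | Where-Object { $_.Type -eq 'RecoveryPassword' -and $_.Id -eq $old.Id }
        if ($match) {
            Write-Output "Recovery password protector $($old.Id) is unchanged."
        }
        else {
            Write-Output "Recovery password protector $($old.Id) is gone. Record the new recovery key."
        }
    }
    if (-not ($current | Where-Object Type -eq 'Tpm')) {
        Write-Warning "No TPM protector on $MountPoint. The drive will keep asking for the recovery key."
    }
}
```

The ID printed for the `RecoveryPassword` protector is the same key ID shown next to the recovery key in the Microsoft account, so it can also be matched there.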