
Question Remove disk safe during bitlocker decryption?

Aug 16, 2024
TLDR; I would like to know if, by suspending the decryption process while it is in progress, I can now remove the disk safely from my computer while the decryption is still unfinished, without putting my data at risk?

[Moderator edit to break up solid paragraph/wall of text.]

Hello everybody,

So I have this really annoying problem (to put it mildly). I checked the internet and forums but couldn't quite find the answer I was looking for.

The other day I wanted to update some firmware and it recommended that I disable all BitLocker encryptions on the system.

Now I had 1 disk with BitLocker and just to be safe I wanted to disable it.

Now I was aware that it was going to take some time, but I didn't think it would take almost a WEEK.

As it turns out, once started there is no way back, so I figured okay, I'll sit this one out. I let it run, and it was already quite an iffy disk that has given me some problems with only barely 2 years of age on it, but now during the decryption it froze and disappeared from my drives list.

Needless to say, that definitely got me sweating. So in good hope I rebooted the system. Froze on reboot, had to retry a couple of times. Then it finally booted again, and to my relief it restarted the decryption process again.

Next morning I woke up, checked on it and yes, it was stuck again and had disappeared from my drives list. Did the reboot thing a couple of times again, and on startup it froze basically right away (the decryption process). Tried a few more times with the same result.

So this next time I thought, there is this suspend button, what if I manage to click it fast enough. It worked and now it basically paused the decryption process. Now it says on the bottom of the window something like "suspend the decryption before removing the drive. Else the files on the drive can be damaged."

So to get to the point, I would like to make absolutely sure that my understanding is correct here, that by temporarily suspending the decryption process I am now able to remove the disk safely from my computer while the decryption is still unfinished, without putting my data at risk?

Is this correct? In the BitLocker manager it says this for the drive: "undoing bitlocker-encryption is suspended"
 
Re: "The other day I wanted to update some firmware"

What firmware and why?
For my motherboard, I am trying to fix a problem with it only recognizing half of my RAM. So before jumping to conclusions of a faulty motherboard (which is entirely possible because I bought it secondhand), I first want to try everything I can and then run a mem86 test. But updating this Intel ME stuff and BIOS are step one.
 
For my motherboard, I am trying to fix a problem with it only recognizing half of my RAM. So before jumping to conclusions of a faulty motherboard (which is entirely possible because I bought it secondhand), I first want to try everything I can and then run a mem86 test. But updating this Intel ME stuff and BIOS are step one.
When updating BIOS on a system locked by BitLocker, you need to back up the TPM key which is used for it, as that would also clear the TPM key.
https://www.partitionwizard.com/news/backup-tpm-key.html
 
When updating BIOS on a system locked by BitLocker, you need to back up the TPM key which is used for it, as that would also clear the TPM key.
https://www.partitionwizard.com/news/backup-tpm-key.html
Does that also go for if it is on a peripheral disk? It's not my C disk but 1 of my other disks. Anyhow, it's kind of too late for any of that now anyways, since it is already halfway through the decrypting process. All I need to know for now is whether or not I can detach that disk during the process so I can reattach it when my new disk arrives, back this up onto the new one and then I'll just wipe this one and/or throw this one away since it is basically just defective or on the very edge of it.
 
Does that also go for if it is on a peripheral disk? It's not my C disk but 1 of my other disks. Anyhow, it's kind of too late for any of that now anyways. All I need to know for now is whether or not I can detach that disk during the process so I can reattach it when my new disk arrives, back this up onto the new one and then I'll just wipe this one and/or throw this one away since it is basically just defective or on the very edge of it.
Yes, BitLocker uses the TPM key for any disk it locks; the same key used when locking has to be used to unlock that disk. When you update BIOS, the key would be lost and you would lose access to the locked drive. That's why you should back the TPM key up and then restore it after the BIOS update. After you do that you should be able to access that locked disk with the same password used to lock it. It doesn't matter if the locked disk is connected or not, but to avoid any confusion it is better for it to be disconnected.
After all is finished and you get access to locked disk you can copy/backup or move files without having to unlock it completely, in other words do everything like with disk that wasn't locked. Actually, even if you are not using any encryption it's a good idea to have TPM key backed up on some neutral media. There are reports/rumors that some future update (maybe W12) may use Bitlocker to lock disk by default and without TPM key it would be inaccessible.
 
The other day I wanted to update some firmware and it recommended that I disable all BitLocker encryptions on the system.
Now I had 1 disk with BitLocker and just to be safe I wanted to disable it.
Now I was aware that it was going to take some time, but I didn't think it would take almost a WEEK.
Your storage device is obviously faulty. Diagnose it properly,
And move away all your important data from it.

What model drive is it?
Is it internal? or external (USB connected) ?

And do not update motherboard firmware, if you have drives with bitlocker enabled.
Unless you know, how to back up and restore TPM keys.
I would like to make absolutely sure that my understanding is correct here, that by temporarily suspending the decryption process I am now able to remove the disk safely from my computer while the decryption is still unfinished, without putting my data at risk?
Is this correct? In the BitLocker manager it says this for the drive: "undoing bitlocker-encryption is suspended"
Removing the disk is not the problem. The problem is the firmware update.
You'll lose TPM keys and all your bitlocked data if you update motherboard firmware.
 
  • Like
Reactions: Phillip Corcoran
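A way to check the state discussed in the posts above before unplugging the drive or touching firmware, as an added example that is not part of any post in this thread. It assumes the BitLocker data drive is mounted as E: and that F: is a different, healthy drive for the key backup; both letters and the file name are placeholders.

```powershell
# Added example; run from an elevated PowerShell prompt.
# Assumptions: E: is the BitLocker data drive, F: is a separate healthy drive.
$mount      = 'E:'
$backupFile = 'F:\bitlocker-E-recovery.txt'

# Read the conversion state BitLocker itself reports for the volume.
$vol    = Get-BitLockerVolume -MountPoint $mount
$status = [string]$vol.VolumeStatus
'{0} is {1}, {2}% encrypted, protection {3}' -f `
    $mount, $status, $vol.EncryptionPercentage, $vol.ProtectionStatus

# If encryption or decryption is still running, pause it and re-read the state.
if ($status -in 'DecryptionInProgress', 'EncryptionInProgress') {
    manage-bde -pause $mount
    $vol    = Get-BitLockerVolume -MountPoint $mount
    $status = [string]$vol.VolumeStatus
}

# List which key protectors the volume actually has (password, recovery
# password, external key, TPM, ...), so it is known what unlocks it later.
$vol.KeyProtector | Format-Table KeyProtectorType, KeyProtectorId -AutoSize

# Write any recovery password to the other drive, never to the encrypted one.
$recovery = @($vol.KeyProtector |
    Where-Object { $_.KeyProtectorType -eq 'RecoveryPassword' })
if ($recovery.Count -gt 0) {
    $recovery | Select-Object KeyProtectorId, RecoveryPassword |
        Format-List | Out-File -FilePath $backupFile
    "Recovery password written to $backupFile"
} else {
    Write-Warning 'No recovery password protector found on this volume.'
}

# Report the final state; a paused conversion is continued with -resume.
if ($status -in 'DecryptionSuspended', 'EncryptionSuspended') {
    'Conversion is paused. Continue later with: manage-bde -resume ' + $mount
} else {
    'Conversion state is ' + $status
}
```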
Thank you guys for the answers!

I have already ordered a new disk to move all my data to. My main concern is whether or not I can detach this drive in the meantime while it's already at 50% decryption and then reattach it to move the data once my new disk has arrived, without putting my 5-10 years' worth of stuff on it in jeopardy ofc.

The faulty drive is an external drive from Seagate. Marketed specifically as a "back up disk". It barely lasted 2 years, just long enough to void the warranty, then it started showing signs of failure (wouldn't respond to the BitLocker key, certain maps wouldn't open, but both were fixed with a simple plug-out/plug-in).

So yeah, I am moving everything to the new disk I ordered as it is still fully accessible as far as I can tell. Then I'll update my firmware. And after that, I don't know what I'll do with the old disk, probably just get it mauled by one of those hard disk pulverizers.

Just to get back to that faulty disk one last time: after running into some problems with it, I checked online. Turns out that in the meantime since I bought the disk, a whole lot more reviews popped up from people who noticed the disk lasting only as long as its 2 year warranty. Almost to the dot. The data I backed up on it, the disks that the data came from are still running strong after almost 5-7 years with no signs of trouble yet.

So the disks the "special back up disk" was supposed to back up far outlived the back up disk. I will NEVER be buying Seagate ever again. If a company makes such a product once, I will not trust you twice with my data. Because this was clearly ENGINEERED to only last as long as its warranty, and I don't do business with that type of company.
 
I will NEVER be buying Seagate ever again. If a company makes such a product once, I will not trust you twice with my data. Because this was clearly ENGINEERED to only last as long as its warranty, and I don't do business with that type of company.
My last 3 dead drives were:
3 TB WD HDD
14TB Toshiba HDD
1TB SanDisk SSD

If I avoided every manufacturer that had a dead drive, I'd be using clay tablets.
 
My last 3 dead drives were:
3 TB WD HDD
14TB Toshiba HDD
1TB SanDisk SSD

If I avoided every manufacturer that had a dead drive, I'd be using clay tablets.
Lol, fair. But to me the difference is the consistency of the drives failing right after their warranty. Which just means they specifically made them that way. That, to me, is a different kind of dead drive. And for the record, I've literally had dozens of drives in my life, some 15 to 20, if not more. Never have I had a drive fail in 2 years, they all easily lasted 5 years or more. So to have a backup disk last even shorter is just beyond me. Almost everything I put on it was written on it once and then only occasionally used to read. Not a whole lot of moving, deleting, overwriting. So in other words, it was just a really sh***y drive. There's no other way of putting it.
 
Lol, fair. But to me the difference is the consistency of the drives failing right after their warranty. Which just means they specifically made them that way. That, to me, is a different kind of dead drive. And for the record, I've literally had dozens of drives in my life, some 15 to 20, if not more. Never have I had a drive fail in 2 years, they all easily lasted 5 years or more. So to have a backup disk last even shorter is just beyond me. Almost everything I put on it was written on it once and then only occasionally used to read. Not a whole lot of moving, deleting, overwriting. So in other words, it was just a really sh***y drive. There's no other way of putting it.
In that above, the SanDisk SSD died just 33 days past the 3 year warranty.

SanDisk gave me a new one anyway. I knew it was past, SanDisk knew it was past, they hooked me up anyway.
6 years later, the replacement is still going strong.

The WD HDD died at 5 weeks, the Tosh at 7 months.
 