I have a Lenovo Yoga 3 Pro laptop that failed to boot the other day. User stopped Windows Updates in the middle and couldn’t get back in afterward. The boot drive is BitLocker encrypted and all I got when turning on the laptop is a blue screen of nothing.
The symptom of this blue screen of nothing indicates that something is wrong with the encryption. So the first step I tried is to find a way to decrypt the boot drive.
Since I can’t boot into the system to use the BitLocker GUI to do the decryption, I used a Windows 10 installation USB to boot into the Command Prompt window in the recovery mode. I also use the BitLocker recovery key to unlock the boot drive along the way.
Once I got in, I used the command line Manage-BDE to decrypt the boot drive using the following command:
manage-bde -off c:
The decryption process could take a very long time to finish. Leave it running after the command and use the following command to check the status.
manage-bde -status
Make sure the decryption is completely done before restarting the computer.
If you didn’t unlock the drive during the boot, you can still use the same command line to unlock the drive before decrypting it.
manage-bde -unlock "recovery-key"
The Yoga 3 laptop was able to back in life after the boot drive was decrypted and rebooted.
Two key takeaways of this incident are:
- You need to protect your BitLocker Recovery Key for cases like this.
- You can BitLocker encrypt and decrypt a drive using its command line, Manage-BDE.
