In today’s post, we will identify the cause and the offer the possible workaround to the issue of Too many PIN entry attempts error message that you might encounter after you enter a BitLocker PIN at Windows 10 startup. This issue applies to Windows 10 and as well as Windows 8.1 and Windows 7.
The BitLocker Drive Encryption is a full disk encryption feature included with Windows operating systems designed to protect data by providing encryption for entire volumes. By default, it uses the AES encryption algorithm in CBC mode with a 128-bit key, combined with the Elephant diffuser for additional disk encryption specific security not provided by AES.
Too many PIN entry attempts – BitLocker error
You experience this issue after you enter a BitLocker PIN at Windows startup on a new computer that is running an OEM version of Windows 10, and you receive the following error message:
Too many PIN entry attempts.There is a limit on the number ot attempts allowed. To reboot and try again,pressEnter. For other recovery options,press Esc.
This issue occurs because the OEM doesn’t reset the lockout count before shipping the device. Or simply that the TPM chip thinks it’s being threatened and therefore has locked itself, preventing the PIN entry (which you’re most likely typing incorrectly) from unlocking the drive.
To work around this issue, do any the following in no particular order:
- Input the BitLocker recovery key.
- Wait until the unlock period expires, and then enter the correct PIN.
- Reinstall the operating system, and then reset the TPM chip.
- Contact the OEM for support.
- Unlock the drive or turn off BitLocker. To do this, follow these steps:
- At the BitLocker entry screen, press ESC to access other recovery options.
- Select the command prompt option.
- Enter Manage-bde to either unlock the system drive or turn off BitLocker. To do this, enter the appropriate command, and then press Enter:
Unlock the system drive
manage-bde –unlock <DriveLetter>: –recoverypassword <Password>
manage-bde –unlock <DriveLetter>: –recoverykey <RecoveryKey>
Turn off BitLocker
manage-bde –off <DriveLetter>:
You can also try the following steps below and see if it helps.
- Reboot the device, entering the Recovery Key (which you must have) to boot Windows.
- Log in to Windows as an administrator
- Suspend BitLocker using the command below:
Suspend-bitlocker -MountPoint “C:” -RebootCount 0
The reboot count option prevents BitLocker from being re-enabled on reboot.
- Now, press Windows key + R. In the Run dialog box, type tpm.msc hit Enter.
- Once the TPM wizard is launched, proceed to clear the TPM Chip.
- Restart the computer as instructed.
- Next, approve the TPM Reset action – the notification is provided by the BIOS/UEFI.
- Log in to Windows as an administrator, and the following prompt will appear informing you of the TPM reset:
- Finally, resume BitLocker protection by running the command below:
Resume-BitLocker -MountPoint “C:” -Confirm
And that’s it! Hope this helps.